Author Topic: Mac Filtering  (Read 6137 times)
robertdaleweir
« on: July 11, 2010, 12:32:17 PM »

Hi
  I am a new member to this site and I have a question about Wireless Security.  I have been using MAC Address Filtering within several Routers as a low overhead and secure means of limiting access to my Home Network and several of my friends.  My question is: "Can such a Security approach be really secure or can MAC addresses be Spoofed?"
  I do not use WEP or WPA encryption, just the MAC filtering.  I would appreciate any information on this topic.
  Thanks...
Robert
Equix3n-
« Reply #1 on: July 11, 2010, 12:50:48 PM »

MAC addresses can be easily spoofed. Every operating system provides features to change your MAC address http://www.tech-faq.com/how-to-change-a-mac-address.html  http://en.wikipedia.org/wiki/MAC_spoofing
You can even make use of tools to spoof your MAC address.

Follow the "defense-in-depth" approach and employ every possible measure to secure your network, so that if one defense is broken the other stops the attacker.
Use encryption too, otherwise your network is susceptible to sniffing.

« Last Edit: July 11, 2010, 12:52:23 PM by Equix3n- »
ajohnson


aka dynamik


« Reply #2 on: July 11, 2010, 12:51:40 PM »

Welcome to the forums :)

It's actually trivial to sniff and spoof MAC addresses, so you're really only protecting yourself from very casual users. You really should be using WPA or WPA2. Anyone within range can see everything you're transmitting over the wireless network. WEP is broken and can be circumvented in minutes.

Edit: Aw, lost by 52 seconds :(

WIP: GCFA | www.infosiege.net | @infosiege

The day you stop learning is the day you start becoming obsolete.
rebrov
« Reply #3 on: July 29, 2010, 05:10:34 PM »

That's right. With airodump you can analyse packets from the AP to users and from them to the AP, and when a connection is established from the users you can get their MAC so easily, and then deauthenticate them and spoof the MAC to go in.

However, with the more secure WPA2 you might be safe.
Ketchup
« Reply #4 on: July 30, 2010, 06:21:56 AM »

You should also make sure that your WPA v.2 encryption phrase is not easily dictionary cracked.  Don't use anything that has to do with your family, address, etc.  I use a random set of alphanum chars.  I view a wireless network as an incident waiting to happen and treat it as such.

~~~~~~~~~~~~~~
Ketchup
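
The passphrase advice in the reply above, as an added example that is not part of the original post: it generates a random alphanumeric WPA2 passphrase, estimates its entropy, derives the pre-shared key the way WPA2-PSK does, and flags passphrases built from personal details. The function names, the SSID and the sample personal tokens are assumptions made for illustration.

```python
import hashlib
import math
import secrets
import string

ALPHANUM = string.ascii_letters + string.digits   # 62 symbols
WPA2_MIN, WPA2_MAX = 8, 63                        # WPA2-PSK passphrase length limits


def generate_passphrase(length=24):
    """Random alphanumeric passphrase drawn from the OS CSPRNG."""
    if not WPA2_MIN <= length <= WPA2_MAX:
        raise ValueError("WPA2 passphrases are 8 to 63 characters")
    return "".join(secrets.choice(ALPHANUM) for _ in range(length))


def random_entropy_bits(length, alphabet_size=len(ALPHANUM)):
    """Entropy of a uniformly random string (not valid for human-chosen phrases)."""
    return length * math.log2(alphabet_size)


def derive_psk(passphrase, ssid):
    """WPA2-PSK key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes.
    Everything but the passphrase is public, so its quality is the only secret."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def audit_passphrase(passphrase, personal_tokens):
    """Return the reasons a passphrase is a poor WPA2-PSK choice (empty list = none found)."""
    problems = []
    if not WPA2_MIN <= len(passphrase) <= WPA2_MAX:
        problems.append("length outside 8-63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        problems.append("contains non-printable or non-ASCII characters")
    lowered = passphrase.lower()
    for token in personal_tokens:
        if len(token) >= 3 and token.lower() in lowered:
            problems.append(f"contains personal detail: {token!r}")
    if passphrase.isdigit() or (passphrase.isalpha() and passphrase.islower()):
        problems.append("single character class; likely in a wordlist")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    print(audit_passphrase("smith1970", ["Smith", "Elm Street"]))
    fresh = generate_passphrase()
    print(fresh, round(random_entropy_bits(len(fresh))), "bits")
    print(derive_psk(fresh, "ExampleSSID").hex())
```
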
hayabusa
« Reply #5 on: July 30, 2010, 10:00:22 AM »

No doubt.  Any time you have a network that can be accessed without having to physically plug in, it's only a matter of time before someone will TRY to get into it.  While they may not (if you follow advice, like Ketchup's, etc) get in, the best policy is to really understand the 'best practices', follow them to a tee, then go as much further as possible, to ensure your security is as 'effective' as possible.

~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
ajohnson
« Reply #6 on: August 01, 2010, 12:10:53 AM »

You guys know about this, right?

https://www.grc.com/passwords.htm

I've personally set mine to a nonsensical passphrase. It contains a complex character set, yet is easy to remember and enter into things like a Wii, iPhone, etc.