.

Mac Filtering

<<

robertdaleweir

Newbie
Newbie

Posts: 1

Joined: Thu Jul 08, 2010 12:22 pm

Location: British Columbia

Post Sun Jul 11, 2010 12:32 pm

Mac Filtering

Hi
  I am a new member to this site and I have a question about Wireless Security.  I have been using MAC Address Filtering within several Routers as a low overhead and secure means of limiting access to my Home Network and several of my friends.  My question is: "Can such a Security approach be really secure or can MAC addresses be Spoofed?"
  I do not use WEP or WPA encryption, just the MAC filtering.  I would appreciate any information on this topic.
  Thanks...
Robert
<<

Xen

User avatar

Sr. Member
Sr. Member

Posts: 386

Joined: Tue Feb 03, 2009 3:59 am

Post Sun Jul 11, 2010 12:50 pm

Re: Mac Filtering

MAC addresses can be easily spoofed. Every operating system provides features to change your MAC address http://www.tech-faq.com/how-to-change-a ... dress.html  http://en.wikipedia.org/wiki/MAC_spoofing
You can even make use of tools to spoof your MAC address.

Follows the "defense-in-depth" approach and employ every possible measure to secure your network, so that if one defense is broken the other stops the attacker.
Use encryption too, otherwise your network is susceptible to sniffing.
Last edited by Xen on Sun Jul 11, 2010 12:52 pm, edited 1 time in total.
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Sun Jul 11, 2010 12:51 pm

Re: Mac Filtering

Welcome to the forums :)

It's actually trivial to sniff and spoof MAC addresses, so you're really only protecting yourself from very casual users. You really should be using WPA or WPA2. Anyone within range can see everything you're transmitting over the wireless network. WEP is broken and can be circumvented in minutes.

Edit: Aw, lost by 52 seconds :(
The day you stop learning is the day you start becoming obsolete.
<<

rebrov

User avatar

Full Member
Full Member

Posts: 130

Joined: Mon May 11, 2009 4:00 pm

Post Thu Jul 29, 2010 5:10 pm

Re: Mac Filtering

thats right with airodump u can analyse packets from AP to users and from them to the AP and when connection established from the users u can get their mac so easy and then deAuthnticate them and spoof the mac to go in

how ever with more secure WPA2 u might be safe
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Fri Jul 30, 2010 6:21 am

Re: Mac Filtering

You should also make sure that your WPA v.2 encryption phrase is not easily dictionary cracked.  Don't use anything that has to do with your family, address, etc.  I use a random set of alphanum chars.  I view a wireless network as an incident waiting to happen and treat it as such.
~~~~~~~~~~~~~~
Ketchup
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Fri Jul 30, 2010 10:00 am

Re: Mac Filtering

No doubt.  Any time you have a network that can be accessed without having to physically plugin, it's only a matter of time before someone will TRY to get into it.  While they may not (if you follow advice, like Ketchup's, etc) get in, the best policy is to really understand the 'best practices', follow them to a tee, then go as much further as possible, to ensure your security is as 'effective' as possible.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Sun Aug 01, 2010 12:10 am

Re: Mac Filtering

You guys know about this, right?

https://www.grc.com/passwords.htm

I've personally set mine to a nonsensical passphrase. It contains a complex character set, yet is easy to remember and enter into things like a Wii, iPhone, etc.
The day you stop learning is the day you start becoming obsolete.

Return to Wireless

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software