MAC security (Re: Question about Wireless)
Derek Broughton
news at pointerstop.ca
Tue Nov 27 16:21:50 UTC 2007
Miano, Steven M. wrote:
>> bounces at lists.ubuntu.com] On Behalf Of Felipe Figueiredo
>>
>> On Tuesday 27 November 2007 12:45:26 Nils Kassube wrote:
>>
>> > MAC filtering means that the AP only talks to a known set of MAC
...
>> Interesting. I assume one would have to know beforehand of a permitted
>> MAC in order to use this attack vector.
>>
>> Just out of curiosity, is there any known way (not brute force) to discover
>> such permitted MAC addresses that script kids can exploit?
ethereal/wireshark
> The WAP I use at home only accepts 4 different MAC addresses, my laptop,
> my work laptop, my roommate's laptop, and my roommate's work laptop. It
> also only allows for 7 IPs to be leased out from it, ever. If someone were
> to sniff the packets and discover any of the 4 different MAC addresses and
> then spoof the MAC address with their own computer, that's fabulous, and
> if they really want to go that far to use our internet connection, good on
> them.
It's not fabulous, because it can make it impossible for _you_ to use that
MAC.
> Sniffing packets at a local Starbucks you can farm MAC addresses if you
> really want to, but really it's not something that anyone would really
> have an interest in doing.
?? It certainly is. With a router between your LAN and the Internet, you
really don't have to worry too much about intrusions from the Internet -
and if you're using HTTPS and TLS for anything sensitive they can't sniff
the data - but if you're letting somebody onto your wireless LAN, suddenly
they're inside your firewall and have access to your own computers.
> Seriously though, how secure do you need your WAP, and what do you do for
> a living that you need to wear that tin foil hat?
This is just basic security - not "tin foil hat" territory, but it's pretty
funny when you follow it by _this_ which is real tin foil hat stuff:
>
> CONFIDENTIALITY NOTICE: This e-mail may contain information that is
> privileged, confidential or otherwise protected from disclosure. If you
> are not the intended recipient of this e-mail, please notify the sender
> immediately by return e-mail, purge it and do not disseminate or copy it.
--
derek