MAC Authentication

[Guest]

Archived from groups: alt.internet.wireless (More info?)

Why, do you suppose, have they not implemented MAC authentification as the
"Passkey" to enter private networks. Seems to me that since every device has
its own unique MAC address this would serve as a means of
authenticating users to a network. If your MAC isn't in the
"register" then you don't get in...what am I missing here?

 

[Guest]

Archived from groups: alt.internet.wireless (More info?)

Gary Eden <geden@tds.net> wrote:
> authenticating users to a network. If your MAC isn't in the
> "register" then you don't get in...what am I missing here?

What you are missing is that a MAC can be cloned trivially with standard
utilities. All you need to do is sniff to see what MACs are allowed, and
wait till one of them disappears, like someone walking out the door with a
laptop. Then you can set your MAC to that address and connect.

MAC filtering is a good step. It is innocuous, causes no performance
penalty, and it is a "go away" sign that is otherwise lacking in WiFi.

--
---
Clarence A Dold - Hidden Valley (Lake County) CA USA 38.8-122.5

 

[Guest]

Archived from groups: alt.internet.wireless (More info?)

Gary Eden wrote:

> Why, do you suppose, have they not implemented MAC authentification as the
> "Passkey" to enter private networks. Seems to me that since every device
> has its own unique MAC address this would serve as a means of
> authenticating users to a network. If your MAC isn't in the
> "register" then you don't get in...what am I missing here?

You can change the MAC on many NICs, so that you could spoof another
computer. Also, the MAC is not passed beyond the local network, so if
there are any routers along the way, you won't ever get in.

--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.

 

[Guest]

Archived from groups: alt.internet.wireless (More info?)

> You can change the MAC on many NICs, so that you could spoof another
^^^^
any

-- Stefan

 

[Guest]

Archived from groups: alt.internet.wireless (More info?)

>>You can change the MAC on many NICs, so that you could spoof another
>
> ^^^^
> any
>
> -- Stefan


Their needs to be a solution on windows . Here a solution on linux
laptops : > http://muthanna.com/quickswitch

It even possible for a hacker to capture the electrical signal from a
wireless card to fake out the victims employer security.

 

[Guest]

Archived from groups: alt.internet.wireless (More info?)

In article <jwvoepdcukz.fsf-monnier+alt.internet.wireless@gnu.org>,
Stefan Monnier <monnier@iro.umontreal.ca> wrote:
:> You can change the MAC on many NICs, so that you could spoof another
: ^^^^
: any

No, you couldn't change the MAC on some of the earlier
equipment -- at least not without hardware-level work.

NICs have gone through several generations, starting (I understand)
with pure software control of the outgoing bits, then with more
and more of the control migrating into hardware. For a time, MACs
were completely burned in with no provision for overriding them.
Then later the burned in MAC become the just default and ways were provided
to change the MAC. And that's the way it is for pretty much all NICs
you can buy today... But ya never know what's sitting in the drawer
of an old timer. (We don't know all what's in those drawers, either. But
we keep a blunt instrument handy, just in case it tries to sneak out.)
--
"Mathematics? I speak it like a native." -- Spike Milligan

 

[Guest]

Archived from groups: alt.internet.wireless (More info?)

Stefan Monnier wrote:

>> You can change the MAC on many NICs, so that you could spoof another
> ^^^^
> any

Can you be absolutely certain that there are no NICs, that cannot be
changed?

--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.

 

[Guest]

Archived from groups: alt.internet.wireless (More info?)

>>> You can change the MAC on many NICs, so that you could spoof another
>> ^^^^
>> any

> Can you be absolutely certain that there are no NICs, that cannot be
> changed?

Well, there's theory and then there's practice. Maybe in theory there
could be a NIC where it can't be changed.

And we're discussing the risk of someone else being able to change their
MAC, so I don't see the point of showing that there doesn't exist a single
poor fellow who would be unable to switch his MAC to attack you.


Stefan

 

[Guest]

Archived from groups: alt.internet.wireless (More info?)

> NICs have gone through several generations, starting (I understand)
> with pure software control of the outgoing bits, then with more
> and more of the control migrating into hardware. For a time, MACs

We're talking wireless here. Have you ever heard of a wireless NIC where
the MAC can't be changed?


Stefan

 

[Guest]

Archived from groups: alt.internet.wireless (More info?)

On Wed, 28 Apr 2004 13:54:56 GMT, Stefan Monnier
<monnier@iro.umontreal.ca> wrote:

>> NICs have gone through several generations, starting (I understand)
>> with pure software control of the outgoing bits, then with more
>> and more of the control migrating into hardware. For a time, MACs
>
>We're talking wireless here. Have you ever heard of a wireless NIC where
>the MAC can't be changed?
>
>
> Stefan


The MAC could still be easily spoofed.