Results 1 to 4 of 4

Thread: Wireless Network Security and MAC Filtering

  1. #1
    Senior Member
    Join Date
    Aug 2002
    Posts
    651

    Wireless Network Security and MAC Filtering

    I found a nice little article on MAC address filtering for WAPs on Techrepublic . You have to register to see the full article, but it's free and well worth it! Tech Republic is a great community to belong to. The link is here to get to the site, and I have posted a good portion of the article below:

    An open door to intruders
    The problem comes when an intruder wants to gain access to your network and has decided to sniff your wireless network traffic. Sitting in your parking lot or some other easily accessible location, an intruder armed with the right hardware and software can easily sniff your wireless network and capture all packets sent to and from your access points. The captured data packets contain all the information the intruder needs to make a connection to your wireless LAN. This information includes the following:

    Authorized MAC addresses
    IP addresses
    IP subnets
    Wireless LAN SSIDs

    The intruder can easily configure a wireless device with a captured IP address and subnet in the device’s TCP/IP Properties window. Configuring captured SSIDs varies from one type of NIC to another, but it’s done from within the configuration software provided with the NIC—again, a very easy configuration to make.

    Enjoy!

    t2k2
    Opinions are like holes - everybody\'s got\'em.

    Smile

  2. #2
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    Ahh yes, the joys of netstumbler. :-) While I remember, has anyone seen support for more wireless cards other than the two that have been supported up till now?

    Actually, by design, wireless is not geared for security. The problem is that there are many ways to beat a wireless network even when WEP is enabled (or LEAP and other auth types). I'm sure that many people here have seen air snort in action. I did a proof of concept for a group of folks who didn't believe that it could be done.

    Even when standards shake out of the trees, I think that wireless will not be secure enough for sensative networks. However, for home use where you can't afford to drop copper or simply can't cut through rock walls, it serves its purpose.

    Cisco has a good doc on their site about wireless but you have to weed out the bias for their equipment.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  3. #3
    Senior Member
    Join Date
    Aug 2002
    Posts
    651
    I agree with you. I think wireless "security" has a long way to go before it can reach a "secure" status. I would be interested in your "proof of concept" experiment if you wouldn't mind posting it or PMing me with some information. I know what you mean about netstumbler; the list of proven compatible cards is depressing. Have you had the chance to use WEP crack?
    Opinions are like holes - everybody\'s got\'em.

    Smile

  4. #4
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    I got my hands on WEP crack but I haven't had a chance to use it. How do you like it?

    Air snort worked great for gathering WEP keys. All I had to do was generate enough traffic.

    I will post some results up here early next week. I'll start a new thread so you can see what I did. The steps are easy and the results are great. The best part is showing uptight business geniuses that their info is not as secure as they think.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •