
Useless wireless security options.


DreamerBrian

Member
Joined
Sep 19, 2010
Location
Seattle
So I read a lot about wireless security on the forum (just as we all do) and many people make the statement that certain security options for wireless are useless. For example: disabling SSID broadcast and MAC address filtering. I understand the point that those security options can be exploited but I do not understand how. Anyone care to explain how besides just "use a packet sniffer"?

Brian
 
OK so with MAC spoofing you use your packet sniffer to monitor the traffic > find the MAC address that is successfully communicating with the desired network > change the MAC address value of your NIC to match the MAC address value of the computer that is successfully communicating.

Easy enough in Linux because you only have to disable/re-enable the interface and change the address in the command line. I looked it up on Wikipedia and in W7 you have to change the value in the registry supposedly within the "NetworkAddress" value that is located in a subkey under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318} or you can download programs that do it for you.

Cool. Makes sense now. I wouldn't say that MAC address filtering is worthless because of the minimal amount of processing power that it requires. It would be a good measure to use in conjunction with other measures.

Brian
 
I understand the point that those security options can be exploited but I do not understand how. Anyone care to explain how besides just "use a packet sniffer"?

1. Anybody with a few brain cells and Wireshark can pull all your MAC addresses out of the air in five seconds. Every network transmission (whether wireless or not) includes the MAC address of the source.

2. If you set the router to not broadcast the SSID, then every client broadcasts it. "Hiding" the SSID effectively makes your network MORE visible. Also, when you take your laptop to the airport, it will still be probing for your home SSID. Somebody with a packet sniffer will see that, and set up a fake AP under that SSID. Your laptop will happily connect to it, and they'll eavesdrop on everything you do (unless you've set up the association with a specific MAC address; NetworkManager in Linux will allow adding an AP's MAC address to a network profile. That way it will only associate if both the SSID and MAC match, so that TSA d-bag won't be able to hijack your connection (he'll probably still steal your underwear, though)).

Cool. Makes sense now. I wouldn't say that MAC address filtering is worthless because of the minimal amount of processing power that it requires. It would be a good measure to use in conjunction with other measures.

No, it wouldn't. 1+0 is still only 1. Adding the zero is useless.
 
I didn't know that if you disabled SSID broadcast then all of the clients attempting to connect to that SSID advertise it in each request to connect. Good to know!
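
The hidden-SSID probing and the NetworkManager BSSID pin mentioned in the reply above can be checked on a client. The following is an added example, not part of the original thread: it audits Wi-Fi profiles in NetworkManager's keyfile format and flags those marked hidden or lacking a pinned AP MAC address. The sample profiles, the finding names and the function names are constructed for illustration.

```python
import configparser
import re

MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}$")

# Constructed sample profiles in NetworkManager keyfile format (not from the thread).
SAMPLES = {
    "home": "[connection]\nid=home\ntype=wifi\n\n[wifi]\nssid=HomeNet\nhidden=true\n",
    "home-pinned": "[connection]\nid=home-pinned\ntype=wifi\n\n[wifi]\nssid=HomeNet\n"
                   "hidden=true\nbssid=00:11:22:33:44:55\n",
    "office": "[connection]\nid=office\ntype=wifi\n\n[wifi]\nssid=OfficeNet\n",
    "wired": "[connection]\nid=wired\ntype=ethernet\n",
}

def audit_profile(text):
    """Return findings for one Wi-Fi profile; empty list for non-Wi-Fi profiles."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    if cp.get("connection", "type", fallback="") not in ("wifi", "802-11-wireless"):
        return []
    # Keyfiles may use either the short or the long section name.
    section = "wifi" if cp.has_section("wifi") else "802-11-wireless"
    if not cp.has_section(section):
        return ["no-wifi-section"]
    findings = []
    # hidden=true makes the client send probe requests naming the SSID.
    if cp.getboolean(section, "hidden", fallback=False):
        findings.append("hidden-ssid-probing")
    # Without a valid bssid, the profile matches any AP using this SSID.
    bssid = cp.get(section, "bssid", fallback="").strip()
    if not MAC_RE.match(bssid):
        findings.append("no-bssid-pin")
    return findings

def audit_all(profiles):
    """Map each profile name to its list of findings."""
    return {name: audit_profile(text) for name, text in profiles.items()}

if __name__ == "__main__":
    for name, findings in audit_all(SAMPLES).items():
        print(f"{name:12} {', '.join(findings) or 'ok'}")
```

A profile for a network served by several access points will always report `no-bssid-pin`, since pinning one BSSID there would prevent roaming; treat that finding as informational unless the profile is also hidden.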
 