No announcement yet.

WiFi - MAC Spoofing

  • Time
  • Show
Clear All
new posts

  • WiFi - MAC Spoofing

    For access points that employ MAC filtering, an attacker will attempt to use MAC spoofing to bypass this feature. MAC filtering is usually implemented using a whitelist of MAC addresses for clients that are allowed to connect to the access point but can also be done using a blacklist. An attacker will capture traffic between the access point and any client that is connected to the access point and configure his own computer to use one of the authenticated clients whitelisted MAC address.
    The attacker is required to wait for the authenticated client to disconnect before he can use the MAC address of that client to ensure he is not easily detected. Reusing the MAC address of an associated and active client may cause issues that will alert the end user that something is wrong. Using a MAC filter will not improve security noticeably as it is very easy to bypass. Note that the MAC address bears many names including hardware address, layer 2 address, physical address and Burned-In-Address (BIA).
    Certified Security Geek