On Sun, 2 Nov 2008, Per Jessen wrote:- <snip>
James, given the number of possible MAC addresses, it would be virtually impossible to guess a single one for accessing somebodys wireless network, so surely those people are not _that_ delusional in thinking it adds to their wireless access security?
You don't need to _guess_ the MAC addresses. While MAC address filtering can provide some "protection" from systems or users that don't have nefarious intent, it provides no protection from those that do. All they need is something like aircrack-ng or airsnort[0], both of which will read the data packets being passed between a wireless router/access point and a connected computer, and easily extract the required MAC addresses. If the user is still using WEP, they can have the required encryption keys within a minute, or they can try using a dictionary attack a to try and find the WPA key. With the MAC address and WEP, they can have access to the network in minutes, whereas with WPA (probably) will take a while longer. As for those that don't have any encryption, they might as well install a flashing neon sign saying "free wireless connections here" [0] Both packages are dual-use. On the one hand, they can be used for penetration testing to help shore up network security. While on the other hand, they can be used for penetration testing to help break in to a (semi-)secured network. Regards, David Bolt -- Team Acorn: http://www.distributed.net/ OGR-NG @ ~100Mnodes RC5-72 @ ~1Mkeys/s SUSE 10.1 32 | | openSUSE 10.3 32b | openSUSE 11.0 32b | openSUSE 10.2 64b | openSUSE 10.3 64b | openSUSE 11.0 64b RISC OS 3.6 | TOS 4.02 | openSUSE 10.3 PPC | RISC OS 3.11 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org