[MLB-WIRELESS] MAC security - how good is it?

Mathew McKernan mathewmckernan at optushome.com.au
Tue Feb 11 20:09:00 EST 2003


Hi Nathan,

Personally I'd use MAC security along with some form of encryption, such as
VTUN (Linux) or even FreeSwan. Little harder for routing etc, steep learning
curve if you have never done it. But I learnt it in about 2 months of
playing around on and off. MAC Security is insecure but can slow down a
hacker/wardriver from entering your wireless LAN for a few extra minutes.
But it will NOT stop them from sniffing your data. At work I use FreeSwan
between two Linux boxes which in turn connect to our Wireless Bridges/AP (we
only use 802.11 to join our LANs). We also use MAC and WEP on top of that,
so even if you crack WEP on our link and successfully sniff the data, you
will end up with jibberish from IPSec. Each of the boxes have no outgoing
services on the AP interfaces in case the hacker cracks WEP and then hack
the boxes to get into the LAN.

Just an idea,

Thanks

Mathew

----- Original Message -----
From: "Cameron McCormack" <clm at mail.csse.monash.edu.au>
To: "Nath P" <nathp at optushome.com.au>
Cc: "'melbwireless'" <melbwireless at wireless.org.au>
Sent: Tuesday, February 11, 2003 8:46 PM
Subject: Re: [MLB-WIRELESS] MAC security - how good is it?


> Hi Nathan.
>
> Nath P:
> > I was wondering, how good is mac security by itself with no other
security?
> > thanks,
>
> Pretty insecure, actually.  You can change the mac address used by the
> interface quite easily.  e.g. in Linux you can just do "ifconfig wlan0
> hw 12:34:56:78:90:ab" and that mac address will be used instead of the
> one stored in the adapter's ROM.  Using netstumbler or some sniffing
> program you can just find out which mac addresses are being used on a
> wireless LAN and just use one of them.
>
> Cameron
>
> --
> Cameron McCormack
>   // clm at csse.monash.edu.au
>   // http://www.csse.monash.edu.au/~clm/
>   // icq 26955922
>
> To unsubscribe: send mail to majordomo at wireless.org.au
> with "unsubscribe melbwireless" in the body of the message


To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message



More information about the Melbwireless mailing list