IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [mac-spoofing]

59 questions
25
votes
4 answers

Identification of a laptop using a spoofed WiFi MAC address

I own a small coffee shop in a highly-populated area. We've noticed that several computers are connecting to our WiFi network using spoofed MAC addresses (e.g. 11:22:33:44:55:66). Is there any way of identifying these machines? Is there any way to…
Moth Yelby
  • 353
  • 2
  • 6
13
votes
8 answers

Randomizing MAC addresses on bootup

Since it is possible to set custom MAC addresses, wouldn't it make sense to have a new one as often as possible/convenient (i.e. on bootup)? It would seem that is useful to both attacker and victim (harder to log/less problems with undirected…
McEnroe
  • 233
  • 2
  • 6
11
votes
4 answers

How to break MAC address filtering?

If a MAC filter prevents you from connecting to a network, how can you break it or include your device's MAC in that filter?
EHY
  • 185
  • 1
  • 1
  • 9
11
votes
1 answer

Bypassing hidden SSID and MAC filtering "protection"

I was browsing over this question and had some follow up questions from a practical perspective. What tools will show the SSID of an AP with the SSID set to hidden or broadcasting disabled? I have looked at Kismet and similar tools but they don't…
Sonny Ordell
  • 3,476
  • 9
  • 33
  • 56
10
votes
7 answers

How can I restrict access to network data by an unauthorized computer that connects via Ethernet?

I assume I can configure most routers to only assign IP addresses to specific MAC addresses, as is possible with wireless routers. However what if a computer is connected via Ethernet and does not ask for an IP address? What can they skim off the…
Wholemilk
  • 101
  • 1
  • 3
8
votes
4 answers

Security provided through MAC filtering: Wired vs. Wireless Networks

My question refers to the following article on Wikipedia: MAC Filtering. The article states: MAC filtering is not effective control in wireless network as attackers can eavesdrop on wireless transmissions. However MAC filtering is more effective…
Karl Hardr
  • 692
  • 5
  • 12
8
votes
2 answers

What is the best way to protect a captive portal againt MAC spoofing

What is the best way to protect a captive portal againt MAC spoofing? The MAC Address appears one of the only ways to distinguish wireless clients from one another, anything one authenticated client sends can simply be spoofed by a rogue client. The…
Jamie
  • 183
  • 1
  • 9
6
votes
1 answer

Reasons behind MAC Spoofing on a corporate network?

My team is inspecting some MAC Spoofing events that are triggering in our corporate environment. After talking it over with the team, this is the information that we have that is relevant.... The events are being triggered by our client-side…
Ormis
  • 1,940
  • 13
  • 18
5
votes
1 answer

Wireless MAC Address Filtering - Authentication/Association

Can somebody explain to me how a wireless AP denies access to the network if the client does not have the correct MAC Address. Does it not send a probe response when a client has not got a correct MAC. Or when the client tries to authenticate, it…
Mintuz
  • 273
  • 3
  • 5
5
votes
4 answers

Can a website still detect my real MAC address even if I use different virtual machine each time I visit the website?

Suppose I use a proxy and a different virtual machine each time I visit a particular website, will a website still be able to detect my MAC address and/or uniquely identify me? Assume that the website owner does privacy violations like inserting…
srikanth chandrasekaran
  • 67
  • 1
  • 1
  • 2
5
votes
1 answer

MAC spoof not working?

I have set up our home router to only allow certain MAC addresses to connect. One way to test if the filter is working is to spoof a MAC address not in the list and trying to connect to the router. So I have used macshift already to change my MAC…
Mywiki Witwiki
  • 199
  • 1
  • 1
  • 8
5
votes
3 answers

How can I make it more difficult for a user to create multiple accounts?

I would like to know the best way to increase security on a website so that the a single user can't create multiple accounts. What all of a user can be traced? I'm thinking: IP address Mac address Browser details Computer name and its details I…
adam rai
  • 51
  • 1
  • 2
5
votes
1 answer

How can Port Stealing be used as a MiTM attack?

I read about and tried a lot of MiTM attacks but I just don't get how Port Stealing can be used as a MiTM attack. In my understanding one can "steal" a Port by sending Ethernet Frames faking the victims source MAC-Address with the goal of confusing…
davidb
  • 4,285
  • 3
  • 19
  • 31
4
votes
2 answers

Identify malicious hosts in our network by sending valid domain credentials

We are currently whitelisting the hosts owned by our company on our Cisco switches to prevent private hosts in our network. This works pretty well but someone can still spoof the MAC address of his host. Now we had the idea to create a domain user…
davidb
  • 4,285
  • 3
  • 19
  • 31
4
votes
1 answer

How does Karma's open WiFi network successfully protect its users?

Foreword This question has a lot of build-up, so please scroll down to the bottom if you just want to see the question. Please at least skim the background info, though. Background I ordered a Karma Go hotspot with their "Neverstop" unlimited…
allquixotic
  • 618
  • 1
  • 5
  • 14
1
2 3 4