How can someone discover allowed MACs in my wifi filter list?

Discussion in 'Tomato Firmware' started by premudriy, Aug 21, 2009.

  premudriy

    premudriy LI Guru Member

    Hi guys,

    I live in the area where there are mostly elder people and I'm not really worrying about someone hacking into my system. Therefore, my current security consists of simply hidden SSID and wireless MAC filtering.

    Nevertheless, I'm wondering how someone would be able to find some of the allowed MACs in my wifi filter list. I know it's easy to replace the MAC on a client card, but you first need to know some of the allowed MACs, right? How can an attacker find those MACs?
  Kiwi8

    Kiwi8 LI Guru Member

    Hope that helps to explain why MAC filtering is not really very effective.
  gawd0wns

    gawd0wns Network Guru Member

    Hmm.. If you don't have encryption, someone could probably sniff your network traffic with a simple sniffer, and pick up the MAC address that way. I'm no expert, though I think you might be able to do the same on a network with encryption.

    If you have concerns, just use encryption (WPA-AES, or WPA2-AES) and a long password.

    If you are feeling adventurous, or want to try something new, you can keep your setup and restrict your wifi clients from everything except for one port to connect to an OpenVPN server running on your router with a simple TUN setup (you will need TomatoVPN for this), or an SSH server (and use the ssh -D option on your client)...

    Perhaps you could even forbid wifi clients from being issued a LAN IP address, and use OpenVPN with a TAP setup...

    This is all very interesting, but overkill :) ... stick with WPA2-AES.
  baldrickturnip

    baldrickturnip LI Guru Member

    I realise you are just musing, but I thought that the OpenVPN server only listened on the WAN port, and the only way to have the wireless as the WAN port was to set it as a client, which would mean you could not use it as an access point.
  premudriy

    premudriy LI Guru Member

    Ok, I see now. The thing is that the only sniffer (if you can call it that) I've used in my life is Wireshark. Thus the one thing I remembered about Wireshark is that I had to be connected to a network and assigned an IP already. Then I could use Wireshark to collect packets.

    So, is there software that can passively collect all packets from wifi without connecting to a network and, most importantly, will show to/from MACs as well?
  JonasSS

    JonasSS Addicted to LI Member

    WiFi uses radio waves.
    You bet there is some software that can save all the wifi packets. How do you think your client software gets to display a list of WAPs, along with any announced SSID and encryption status? It starts off "listening" to the packets in the air. I don't know what the exact protocol is, but I doubt your wireless card sends any signals to the WAPs it finds before you decide to connect to them; otherwise it would be interesting to have a log of all the unique cards "handshaking" our routers.

    If you are interested in a specific software package or something, try googling "war driving"; there are complete Linux live CDs etc. for discovering vulnerable networks.
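The point made in the last few posts (the MAC header of an 802.11 frame is never encrypted, so WPA/WPA2 protects the payload but not the station and AP addresses, which is why MAC filtering adds little) can be shown with a small header parser. The following is an added example, not code from the thread or from Tomato; the frame bytes and the `02:00:00:00:00:xx` addresses are constructed placeholders, and `build_protected_uplink_frame` only assembles a sample frame for the parser to read. It decodes the Frame Control flags and maps the three addresses to their roles using the standard To-DS/From-DS table, without ever looking at the encrypted body.

```python
"""Decode the cleartext 802.11 MAC header of a data frame.

Added example: shows that source/destination/BSSID addresses are readable
from the unencrypted header even when the Protected Frame bit is set.
All addresses and frame bytes below are constructed placeholders.
"""
from dataclasses import dataclass
from typing import Dict, Optional

FRAME_TYPE_DATA = 2          # Frame Control "type" value for data frames
FC_FLAG_TO_DS = 0x01         # flag bits in the second Frame Control byte
FC_FLAG_FROM_DS = 0x02
FC_FLAG_PROTECTED = 0x40     # "Protected Frame": body is WEP/TKIP/CCMP encrypted


@dataclass
class Dot11Header:
    ftype: int
    subtype: int
    to_ds: bool
    from_ds: bool
    protected: bool
    addr1: str
    addr2: str
    addr3: str
    addr4: Optional[str]
    header_len: int


def mac_to_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def mac_to_bytes(text: str) -> bytes:
    return bytes(int(part, 16) for part in text.split(":"))


def parse_dot11_header(frame: bytes) -> Dot11Header:
    """Decode the MAC header (never encrypted) of one 802.11 frame."""
    if len(frame) < 24:
        raise ValueError("frame shorter than the 24-byte minimum 802.11 header")
    fc0, fc1 = frame[0], frame[1]
    if fc0 & 0x03 != 0:
        raise ValueError("unsupported 802.11 protocol version")
    ftype = (fc0 >> 2) & 0x03
    subtype = (fc0 >> 4) & 0x0F
    to_ds = bool(fc1 & FC_FLAG_TO_DS)
    from_ds = bool(fc1 & FC_FLAG_FROM_DS)
    protected = bool(fc1 & FC_FLAG_PROTECTED)
    addr1, addr2, addr3 = frame[4:10], frame[10:16], frame[16:22]
    addr4 = None
    header_len = 24
    # Only data frames relayed AP-to-AP (WDS) carry a fourth address.
    if ftype == FRAME_TYPE_DATA and to_ds and from_ds:
        if len(frame) < 30:
            raise ValueError("four-address frame truncated")
        addr4 = mac_to_str(frame[24:30])
        header_len = 30
    return Dot11Header(ftype, subtype, to_ds, from_ds, protected,
                       mac_to_str(addr1), mac_to_str(addr2), mac_to_str(addr3),
                       addr4, header_len)


def data_frame_roles(h: Dot11Header) -> Dict[str, str]:
    """Name a data frame's addresses by role, per the To-DS/From-DS table."""
    if h.ftype != FRAME_TYPE_DATA:
        raise ValueError("role mapping applies to data frames only")
    if not h.to_ds and not h.from_ds:      # ad-hoc / IBSS
        return {"da": h.addr1, "sa": h.addr2, "bssid": h.addr3}
    if h.from_ds and not h.to_ds:          # AP -> station
        return {"da": h.addr1, "bssid": h.addr2, "sa": h.addr3}
    if h.to_ds and not h.from_ds:          # station -> AP
        return {"bssid": h.addr1, "sa": h.addr2, "da": h.addr3}
    return {"ra": h.addr1, "ta": h.addr2, "da": h.addr3, "sa": h.addr4 or ""}


def build_protected_uplink_frame(sa: str, bssid: str, da: str, body: bytes) -> bytes:
    """Constructed station->AP data frame with the Protected bit set.

    `body` stands in for a CCMP header plus ciphertext; its contents do not
    matter because only the header is inspected."""
    fc = bytes([0x08, FC_FLAG_TO_DS | FC_FLAG_PROTECTED])   # type=data, subtype=0
    duration = b"\x00\x00"
    seq_ctrl = b"\x10\x00"
    return (fc + duration + mac_to_bytes(bssid) + mac_to_bytes(sa)
            + mac_to_bytes(da) + seq_ctrl + body)


# Constructed placeholder addresses (locally administered, not real devices).
SAMPLE_BSSID = "02:00:00:00:00:01"
SAMPLE_STATION = "02:00:00:00:00:02"
SAMPLE_DEST = "02:00:00:00:00:03"
SAMPLE_FRAME = build_protected_uplink_frame(
    SAMPLE_STATION, SAMPLE_BSSID, SAMPLE_DEST,
    body=bytes(range(8)) + b"\xde\xad\xbe\xef" * 4)


def visible_station_mac(frame: bytes) -> str:
    """Return the transmitting station's MAC without touching the encrypted body."""
    return data_frame_roles(parse_dot11_header(frame))["sa"]


if __name__ == "__main__":
    hdr = parse_dot11_header(SAMPLE_FRAME)
    roles = data_frame_roles(hdr)
    print(f"protected body: {hdr.protected}, header bytes: {hdr.header_len}")
    print(f"visible station MAC: {roles['sa']}, AP BSSID: {roles['bssid']}")
```

The sample frame has the Protected Frame bit set and an opaque body, yet `visible_station_mac` still returns the station address from `addr2`. That is the whole reason encryption (WPA2-AES with a long passphrase, as recommended above) is the control that matters: it keeps the payload private and authenticates clients with a key, whereas a MAC filter trusts a field that is always transmitted in the clear.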
  gawd0wns

    gawd0wns Network Guru Member

    One package you could look at is called BackTrack; they have a DVD image you can burn and boot off of... Perhaps you can download it and test it yourself (always a good way to learn).

    You can have OpenVPN on your own router, and access it from within the network, with a static key. Though you have to download the latest version of TomatoVPN to use TLS mode, since it gives you the option of whether you want to "Push LAN to clients" instead of doing it automatically as previous versions did.

    TAP mode won't work since you are already on the LAN, and already have a LAN ip address on the same range. TUN mode is the only one which will work.
  premudriy

    premudriy LI Guru Member

    I just downloaded BackTrack. It's loaded with tools. It will take me a month to explore. It's pretty cool.

    Thanks for all your explanations, guys. Now it makes more sense to me.
