[Dshield] Wireless MAC Authentication options.

Josh Tolley josh at raintreeinc.com
Mon Jun 20 16:11:29 GMT 2005


David Cary Hart wrote:
> I'm not so sure. MAC authentication is based upon the MAC of the client
> card which isn't broadcast (to the best of my knowledge) in any fashion.
> Why would a MAC id be subject to compromise?

The MAC address is transmitted -- it has to be. Otherwise it couldn't 
serve its purpose, namely to identify the sending and receiving 
stations. It's not sent out with "anyone listening" as its intended 
recipient, but anyone with their antenna on can receive the transmission 
and find the MAC address in the frame. From there, it's trivial with the 
right hardware and software to change your own MAC address to one that 
you've seen transmit successfully in the past.

Josh Tolley
Raintree Systems, Inc.
http://www.raintreeinc.com
Office Phone: (801) 293-3090
Corporate Office: (760) 509-9000




More information about the list mailing list