Skip to content

Protect Your Wireless Network with MAC Address Filtering…A Bad Idea

April 26, 2008

To secure your wireless network, you can use a variety of means, and one of which is by selecting only what MAC addresses are allowed. This is known as MAC filtering, and it can serve as a basic deterrent against most opportunistic attackers.

However, just using MAC filtering alone will probably be a bad idea. It doesn’t take much determination or knowledge at all to spoof a MAC address. In fact, it’s actually quite easy to spoof a MAC address, and can be done within 2 steps.

Step 1. Download and run any freely available security tool, for example Nmap. Set it to listen in on network traffic and pick out the MAC address.
Step 2. Change your MAC address to the one you picked out.

In fact, Nmap even allows you to spoof your MAC address by running the “-spoof-mac” command line option. This was originally intended to hide the true source of Nmap probes.

If you don’t have Nmap, you can just spoof your MAC address with the software that comes with most operating systems.

Here are some examples:

1. Linux: ifconfig eth0 hw ether 02:a1:13:d4:00:12

2. MS Windows: the MAC address is stored in a registry key (location of that key varies from one MS Windows version to the next, but you can easily find that and just edit it yourself). Alternatively, download a free tool such as Macshift to help you change your MAC address.

Now that you know how easy it is to spoof your MAC address, start worrying even more, because these simple steps are run automatically and very, very quickly by malware. This means that if you are using MAC filtering to protect your wireless network, you should seriously consider something a little more robust.

Related Posts.