Re: [NTLK] [NTLK][OT] Lucent Wavelan Turbo Silver - success!

From: Martin Joseph (NT_at_stillnewt.org)
Date: Mon Feb 06 2006 - 09:53:05 PST


On Feb 6, 2006, at 7:38 AM, Paul Curtis wrote:

> I should have prefaced that the only WiFi I use is printing. My
> laptops for
> the most part are hardwired. My wife occasionally takes her laptop
> outside
> with the WiFi in the summer.
>
> I'm curious as to how you validate a spoofed mac address when the
> hardware
> is being checked?
Insisting on an encryption password is the best approach(SPA2
hopefully). Mac addresses are easy to spoof and there is no way to
verify. They aren't really a useful way to insure security.
> This is worrisome. Is this being done by intercepting the
> request for mac address with a script and then feeding the spoofed
> address?
There is no "request" for mac address as far as I know. I think the
mac address is actually present in the TCP/IP stream.
> Also, even if you could spoof the address, how are you going to
> disconnect
> the current connection?
They usually don't need to. They just connect alongside the valid
device and let the chips fall where they may.

My approach is to have two wireless bases here. One that insists on
security, and one that is wide open. The only security measure I do
have on the "wide open" base is that I block port 25, so that random
WIFI users can't SPAM through my address.

Marty

-- 
This is the NewtonTalk list - http://www.newtontalk.net/ for all inquiries
Official Newton FAQ: http://www.chuma.org/newton/faq/
WikiWikiNewt for all kinds of articles: http://tools.unna.org/wikiwikinewt/


This archive was generated by hypermail 2.1.5 : Mon Feb 06 2006 - 10:30:03 PST