Results 1 to 5 of 5
I am a guest on a wireless network tonight and, although I had the WEP key from the last time I was here, the owner has added MAC address filtering ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 07-21-2007 #1Linux Enthusiast
- Join Date
- Apr 2004
- Location
- UK
- Posts
- 678
Am I causing problems?
I am a guest on a wireless network tonight and, although I had the WEP key from the last time I was here, the owner has added MAC address filtering since then.
Rather than faff with the security settings of the network I snagged a few packets and copied the MAC address off another computer that was using the network at the time.
My thinking is that two physical devices with the same MAC address would appear to be one physical device with two IPs, then each computer would discard the packets with the wrong IP.
Both computers were online at the same time and seemed to have no problems. My question is, was I causing trouble and the computers were just coping with it, or is this a perfectly acceptable thing to do?
Chris...To be good, you must first be bad. "Newbie" is a rank, not a slight.
- 07-21-2007 #2Linux Guru
- Join Date
- Nov 2004
- Posts
- 6,110
I'm surprised it worked actually. MAC address is really only used on the LAN level so I would have thought that DHCP might have tried to give you the same IP address as the other PC. If it works it works but I'm sure you will get some weirdness along the way.
- 07-22-2007 #3Linux Enthusiast
- Join Date
- Oct 2006
- Location
- arizona
- Posts
- 699
thats actualy pretty cool. i know that is to some degree how arp poisoning starts, but i've never heard of it used to trick mac filtering.
New to the internet, technical forums, or the hacker / open source community??
Read this to learn good posting habits http://www.catb.org/~esr/faqs/smart-questions.html
RHCE for RHEL version 5
RHCT for RHEL version 4
- 07-22-2007 #4Linux Enthusiast
- Join Date
- Apr 2004
- Location
- UK
- Posts
- 678
By the time my computer had booted enough for me to fiddle the network settings, it had already tried and failed to use DHCP so I set things up manually. After the other computer was turned off I went back to dhcp and it did give me the same IP, and that would have been a big (temporary) problem had both machines been on at once. I just got lucky there.
Originally Posted by bigtomrodney
meton_magis, this was easier than arp poisoning.
is all that is needed.Code:# ifconfig eth0 hw ether <MAC address>
I had always thought that getting round MAC address filtering like this would require the cloned PC to be offline, but it seems not to be the case.
Chris...To be good, you must first be bad. "Newbie" is a rank, not a slight.
- 07-24-2007 #5Linux Enthusiast
- Join Date
- Apr 2004
- Location
- UK
- Posts
- 678
Some quick research (which I should have done first, but where's the fun in that) turned up this article on mac address spoofing which concludes that a cloned mac address can cause problems because if one machine disassociates from the AP then the other will get booted at the same time. I don't see this a big problem though, because it can re-associate quickly enough to be unnoticeable.
WPA is more serious because when the second client authenticates, the re-keying involved kicks the first client off the network.
Still, it's another reason not to rely on WEP and MAC filtering.
Chris...To be good, you must first be bad. "Newbie" is a rank, not a slight.
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
