Mac Address Change

Are the MAC addresses of most wifi radios changeable?

Which address of which is used in authentication when connecting to an
AP?

User x buys a radio to connect to local AP. If Admin Y does not like
user x net activities, even if legal, he simply has to block x's MAC and
the radio is then useless for that AP.

JDavidson wrote:
> Are the MAC addresses of most wifi radios changeable?
>
> Which address of which is used in authentication when connecting to an
> AP?
>
> User x buys a radio to connect to local AP. If Admin Y does not like
> user x net activities, even if legal, he simply has to block x's MAC
> and the radio is then useless for that AP.

Or Admin Y can choose to only allow certain MAC addresses.

On Tue, 13 Jun 2006 02:43:42 GMT, "DanR" <(E-Mail Removed)> wrote
in <yDpjg.49515$(E-Mail Removed)> :

>JDavidson wrote:
>> Are the MAC addresses of most wifi radios changeable?

Yes.

>> Which address of which is used in authentication when connecting to an
>> AP?
>>
>> User x buys a radio to connect to local AP. If Admin Y does not like
>> user x net activities, even if legal, he simply has to block x's MAC
>> and the radio is then useless for that AP.

Essentially meaningless, because x can easily snoop and spoof some other
MAC.

>Or Admin Y can choose to only allow certain MAC addresses.

Essentially meaningless for the same reason.

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_How_To>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>

John Navas wrote:
> On Tue, 13 Jun 2006 02:43:42 GMT, "DanR" <(E-Mail Removed)> wrote
> in <yDpjg.49515$(E-Mail Removed)> :
>
>> JDavidson wrote:
>>> Are the MAC addresses of most wifi radios changeable?
>
> Yes.
>
>>> Which address of which is used in authentication when connecting to
>>> an AP?
>>>
>>> User x buys a radio to connect to local AP. If Admin Y does not like
>>> user x net activities, even if legal, he simply has to block x's MAC
>>> and the radio is then useless for that AP.
>
> Essentially meaningless, because x can easily snoop and spoof some
> other MAC.
>
>> Or Admin Y can choose to only allow certain MAC addresses.
>
> Essentially meaningless for the same reason.

I see that written here often. So John explain in a way that everyone can
understand the procedure to "easily spoof" the 'allowed' MAC address of a
client radio.

On Tue, 13 Jun 2006 13:03:20 GMT, "DanR" <(E-Mail Removed)> wrote
in <sIyjg.23950$(E-Mail Removed) >:

>John Navas wrote:
>> On Tue, 13 Jun 2006 02:43:42 GMT, "DanR" <(E-Mail Removed)> wrote
>> in <yDpjg.49515$(E-Mail Removed)> :
>>
>>> JDavidson wrote:
>>>> Are the MAC addresses of most wifi radios changeable?
>>
>> Yes.
>>
>>>> Which address of which is used in authentication when connecting to
>>>> an AP?
>>>>
>>>> User x buys a radio to connect to local AP. If Admin Y does not like
>>>> user x net activities, even if legal, he simply has to block x's MAC
>>>> and the radio is then useless for that AP.
>>
>> Essentially meaningless, because x can easily snoop and spoof some
>> other MAC.
>>
>>> Or Admin Y can choose to only allow certain MAC addresses.
>>
>> Essentially meaningless for the same reason.
>
>I see that written here often. So John explain in a way that everyone can
>understand the procedure to "easily spoof" the 'allowed' MAC address of a
>client radio.

<http://www.tech-faq.com/wi-fi-software-tools.shtml#wi-fi-software-tools-for-unix>
<http://www.uninett.no/wlan/wlanthreat.html#02>
<http://tuxmobil.org/linux_wireless_sniffer.html>
<http://wiki.personaltelco.net/index.cgi/WirelessSniffer>
<http://www.engadget.com/2006/01/22/wifi-sniffer-turns-your-ds-into-a-wardriving-tool/>
<http://www.sharewareconnection.com/sniff-em.htm>
<http://en.wikipedia.org/wiki/AiroPeek>
<http://www.wildpackets.com/products/airopeek/overview>
<http://en.wikipedia.org/wiki/MAC_address#Changing_MAC_addresses>
<http://www.klcconsulting.net/smac/>

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_How_To>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>

DanR wrote:

> John Navas wrote:
>>
>> Essentially meaningless, because x can easily snoop and spoof some
>> other MAC.
>>
>>> Or Admin Y can choose to only allow certain MAC addresses.
>>
>> Essentially meaningless for the same reason.
>
> I see that written here often. So John explain in a way that everyone can
> understand the procedure to "easily spoof" the 'allowed' MAC address of a
> client radio.

Beats me how you'd do it on Windows. On my linux system, I put the MAC
address I want to use in a single config file, and that's all the network
will see.
--
derek

"DanR" <(E-Mail Removed)> hath wroth:

>I see that written here often. So John explain in a way that everyone can
>understand the procedure to "easily spoof" the 'allowed' MAC address of a
>client radio.

There's quite a bit here on changing the MAC address.
http://en.wikipedia.org/wiki/MAC_add..._MAC_addresses

The proceedure is quite simple. The idea is to impersonate a
previously connected valid client radio:
1. Passive sniff some valid over the air traffic with Kismet.
That should disclose the clients MAC and IP addresses.
2. Use one of the various utilities listed in the above URL to
change the MAC address.
3. (Optional) If IP address filtering is active, also set a
static IP address.
4. Wait for the ARP table in the router to flush and then connect.

--
Jeff Liebermann (E-Mail Removed)
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Jeff Liebermann <(E-Mail Removed)> wrote in
news:(E-Mail Removed):

> "DanR" <(E-Mail Removed)> hath wroth:
>
>>I see that written here often. So John explain in a way that everyone
>>can understand the procedure to "easily spoof" the 'allowed' MAC
>>address of a client radio.
>
> There's quite a bit here on changing the MAC address.
> http://en.wikipedia.org/wiki/MAC_add..._MAC_addresses
>
> The proceedure is quite simple. The idea is to impersonate a
> previously connected valid client radio:
> 1. Passive sniff some valid over the air traffic with Kismet.
> That should disclose the clients MAC and IP addresses.
> 2. Use one of the various utilities listed in the above URL to
> change the MAC address.

As Derek points out above, I think this is OS dependent and cannot be
done on some OS's, including I think earlier versions of Windows.


<snip>

"JDavidson" <(E-Mail Removed)> wrote in message
news:e6n53p$2tq9$(E-Mail Removed)...
> Jeff Liebermann <(E-Mail Removed)> wrote in
> news:(E-Mail Removed):
>
> > "DanR" <(E-Mail Removed)> hath wroth:
> >
> >>I see that written here often. So John explain in a way that everyone
> >>can understand the procedure to "easily spoof" the 'allowed' MAC
> >>address of a client radio.
> >
> > There's quite a bit here on changing the MAC address.
> > http://en.wikipedia.org/wiki/MAC_add..._MAC_addresses
> >
> > The proceedure is quite simple. The idea is to impersonate a
> > previously connected valid client radio:
> > 1. Passive sniff some valid over the air traffic with Kismet.
> > That should disclose the clients MAC and IP addresses.
> > 2. Use one of the various utilities listed in the above URL to
> > change the MAC address.
>
> As Derek points out above, I think this is OS dependent and cannot be
> done on some OS's, including I think earlier versions of Windows.
>
Agreed.

But network card drivers for some LAN adaptors have always allowed this even
in old flavors of Windows or even DOS.

Anything that supported DECnet or SNA had to allow the MAC to be changed in
some way (note that these requirements predate 802.11 WLANs). Most WLAN
drivers seem to pretend to be Ethernet, so have inherited some capabilities.

dont you love backward compatibility?
>
> <snip>
--
Regards

(E-Mail Removed) - replace xyz with ntl

JDavidson wrote:

>>
>>The proceedure is quite simple. The idea is to impersonate a
>>previously connected valid client radio:
>>1. Passive sniff some valid over the air traffic with Kismet.
>> That should disclose the clients MAC and IP addresses.
>>2. Use one of the various utilities listed in the above URL to
>> change the MAC address.
>
>
> As Derek points out above, I think this is OS dependent and cannot be
> done on some OS's, including I think earlier versions of Windows.
>
>

You can change the MAC in most (all) contemporary operating systems.

Most old Ethernet cards had an OS independent flash utilty. You booted
up with a floppy, loaded the utility and entered whatever MAC you wanted
and then wrote it to the EPROM.