Security Basics mailing list archives

RE: Wireless security & MAC Adress spoofing

From: "Burton M. Strauss III" <Burton () FelisCatus org>
Date: Tue, 2 Nov 2004 11:39:32 -0600

Yup ... the MAC addresses are a critical and unalterable part of the basic
Ethernet frame (lower level than even TCP/IP).  It's how devices determine
that a packet is addressed to them.

So any sniffer type application - e.g. Ethereal - can see them just fine,
regardless of higher layer encryption.

-----Burton

-----Original Message-----
From: VI [mailto:vi () vizo com]
Sent: Monday, November 01, 2004 4:10 AM
To: security-basics () securityfocus com
Subject: Wireless security & MAC Adress spoofing

Hi all,

How does anybody that want to spoof a MAC address to connect to a wireless
AP know the right MAC's in the real life?

Are the MAC numbers send along in Cleartext?
Is sniffing the wireless network enough to get hold of the connecting MAC
addresses?

Thanks for answers.

Current thread:

Wireless security & MAC Adress spoofing VI (Nov 02)
- RE: Wireless security & MAC Adress spoofing Burton M. Strauss III (Nov 02)
- Re: Wireless security & MAC Adress spoofing Ansgar -59cobalt- Wiechers (Nov 02)
- <Possible follow-ups>
- RE: Wireless security & MAC Adress spoofing Steven Trewick (Nov 02)