MAC Spoofing Prevention in Wireless

[Enis Sahin <enis.c.sahin () gmail com>]

Hello List,

I have recently been involved in a security test of a wireless
environment using Aruba controllers and a captive portal. As an
obvious attack vector I tried spoofing the MAC (and IP) addresses of
valid authenticated users but it didn't grant me access. I've been
told that MAC spoofing prevention is one of the feature of the Aruba
wireless controllers.

I've Googled a bit but haven't come across a good explanation. How
does MAC spoofing detection work on wireless networks? What
information does a controller utilize on lower layers to detect that a
packet is coming from a spoofed MAC?

Thanks.

--
http://www.enissahin.com | http://twitter.com/enis_sahin

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------