Comment by kayson
21 hours ago
Is MAC whitelisting anything but security theater? Isn't it trivial to determine a valid client MAC then spoof it?
21 hours ago
Is MAC whitelisting anything but security theater? Isn't it trivial to determine a valid client MAC then spoof it?
What makes you say that? It does not seem trivial at all to guess a valid MAC.
It's not just a guess.
Any decent sniffer (e.g. airsnort) can immediately identify all associations between all WiFi/Bluetooth devices. DD-WRT (router firmware/OS) has this WiFi-associations detector built-in ("local WiFi map"). There is no need to attempt any sort of hack — associations are publicly-broadcast information.
Then, just pick any authorized MAC and duplicate as your own.
The MAC addresses of all the Wi-Fi clients are broadcasted in plain radio format all over the 2.4GHz. It is trivial.
It's in managmenet frames that you can sniff.
Does wpa3 pmf fix this particular issue?
1 reply →