[GTALUG] [u-u] Suggestions for stopping occasional spurious use of commercial wi-fi
Jamon Camisso
jamon.camisso at utoronto.ca
Mon Sep 17 08:51:16 EDT 2018
On 17/09/18 08:37, James Knott via talk wrote:
> On 09/16/2018 09:47 PM, UU via talk wrote:
>> 2. change SSID & don't broadcast it
>>
>
> That's generally not effective. It provides a false sense of security.
Likewise MAC address white listing. It is easy enough to use ip link set
dev address, or ifconfig hw ether to spoof a MAC address.
Anyone who has gone to the trouble to crack your WPA2 PSK security will
be able to spoof a MAC address. Their packet captures will contain
legitimate authenticated clients that can be copied.
arping can be used to hijack the MAC of a currently connected client as
well, no need to wait for them to be offline.
So there's really no benefit to white listing if someone is targeting
you - far more trouble to maintain, and very much encourages a false
sense of security.
Cheers, Jamon
More information about the talk
mailing list