[GTALUG] Attacks on MAC address lists (was: suggestions for stopping occasional spurious use of commercial wi-fi)

Jamon Camisso jamon.camisso at utoronto.ca
Mon Sep 17 11:17:41 EDT 2018


On 16/09/18 17:51, David Collier-Brown via talk wrote:
> I've set up MAC address lists, after a surprising number of reboots to
> unwedge the routerĀ  (did I even mention I hate flaky PC-style software?).
> 
> How can my hacker avoid them? Wait until my wife's Mac drops off-line
> and steal her MAC?

Actually I'd like to know more about your wifi setup. What kind of
security is/was in place?

I'd be somewhat dubious about a malicious hacker if you were using WPA2
with a decent passphrase. Ok, if WEP, well that takes a few minutes, but
if you're using WEP then all hope is lost..

If WPA2, try it out, fire up aireplay, capture the 4 way handshake and
then run wpacrack against it with a decent dictionary.

If you have a moderately ok passphrase, it will take days on a decently
speced machine to brute force it, if at all.

Howto here: https://aircrack-ng.org/doku.php?id=cracking_wpa

Are you sure something else isn't going on?


More information about the talk mailing list