[GTALUG] Attacks on MAC address lists (was: suggestions for stopping occasional spurious use of commercial wi-fi)
Jamon Camisso
jamon.camisso at utoronto.ca
Mon Sep 17 11:17:41 EDT 2018
On 16/09/18 17:51, David Collier-Brown via talk wrote:
> I've set up MAC address lists, after a surprising number of reboots to
> unwedge the routerĀ (did I even mention I hate flaky PC-style software?).
>
> How can my hacker avoid them? Wait until my wife's Mac drops off-line
> and steal her MAC?
Actually I'd like to know more about your wifi setup. What kind of
security is/was in place?
I'd be somewhat dubious about a malicious hacker if you were using WPA2
with a decent passphrase. Ok, if WEP, well that takes a few minutes, but
if you're using WEP then all hope is lost..
If WPA2, try it out, fire up aireplay, capture the 4 way handshake and
then run wpacrack against it with a decent dictionary.
If you have a moderately ok passphrase, it will take days on a decently
speced machine to brute force it, if at all.
Howto here: https://aircrack-ng.org/doku.php?id=cracking_wpa
Are you sure something else isn't going on?
More information about the talk
mailing list