Number of wireless clients per WRT54GL?

Kurt Granroth kurt+plug-discuss at granroth.com
Sat Sep 8 12:55:59 MST 2007


Michael Sammartano wrote:
> Additionally, if the router is set up so that only specific MAC
> addresses can get connected, and they are static (turn DHCP off), and no
> SSID is broadcast, the connection is even more secure. I highly doubt
> there would be an issue. By the time the encryption was broken, the
> TTL would be long dead.

I'm not yet convinced that MAC filtering and SSID hiding would really
pose much of a challenge to a cracker if you are already using WPA-PSK.

Here's my reasoning.  Everyone should feel free to tell me where I'm
wrong if I am wrong about this:

The first layer of security will be the WPA.  Pretty much the only way
to crack in is to brute force the password.  The way to *get* the
(encrypted) password is to inject some tricky packets to force a
re-authentication.  Part of this process results in the SSID being
broadcast in clear text so you have that already by the time you've
cracked in.

Now that you are in, you can view all the packets in clear text with a
sniffer.  The MAC address is prominently displayed right up front in all
packets so it's trivial to find a valid one.  The IP address is also
there.  It's equally trivial to "spoof" your own MAC address once you
have one.

So at this point, you have the WPA password, the SSID, and a valid MAC
address and IP.  That's all you'd need!

Now filtering the MAC would make one thing trickier: The cracker would
need you to be online while he was doing the cracking AND he would need
you to be offline when he was actually using it.  So it's better than
nothing, I guess.

Kurt
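The two artifacts Kurt describes, a forced re-authentication and a borrowed client MAC, are both visible from the defender's side. Below is an added detection example that is not part of this thread; it runs over a constructed, simplified list of 802.11 frame metadata (timestamp, subtype, source MAC, sequence number) rather than a real capture, and the thresholds are assumptions.

```python
"""Flag two signs of the attack chain described in the post: a burst of
deauthentication frames (used to force a re-handshake) and a cloned
client MAC (one address sending from two radios at once).
Input is a constructed, simplified list of frame metadata, not a pcap."""
from collections import defaultdict

# Constructed sample: (timestamp_s, frame_subtype, src_mac, seq_num)
FRAMES = [
    (0.00, "data",   "aa:bb:cc:00:00:01", 100),
    (0.05, "data",   "aa:bb:cc:00:00:01", 101),
    (1.00, "deauth", "aa:bb:cc:00:00:01", 7),     # forged, sent "as" the client
    (1.01, "deauth", "aa:bb:cc:00:00:01", 8),
    (1.02, "deauth", "aa:bb:cc:00:00:01", 9),
    (1.03, "deauth", "aa:bb:cc:00:00:01", 10),
    (1.04, "deauth", "aa:bb:cc:00:00:01", 11),
    (2.00, "data",   "aa:bb:cc:00:00:01", 102),
    (2.10, "data",   "aa:bb:cc:00:00:01", 3000),  # second radio using the same MAC
    (2.20, "data",   "aa:bb:cc:00:00:01", 103),
    (2.30, "data",   "aa:bb:cc:00:00:01", 3001),
]

def deauth_bursts(frames, window_s=1.0, threshold=5):
    """Return source MACs sending >= threshold deauth frames within window_s."""
    times = defaultdict(list)
    for ts, subtype, src, _ in frames:
        if subtype == "deauth":
            times[src].append(ts)
    flagged = set()
    for src, ts_list in times.items():
        ts_list.sort()
        for i in range(len(ts_list)):
            j = i
            while j < len(ts_list) and ts_list[j] - ts_list[i] <= window_s:
                j += 1          # count frames inside the sliding window
            if j - i >= threshold:
                flagged.add(src)
                break
    return flagged

def cloned_macs(frames, max_jump=200):
    """Return MACs whose data-frame sequence numbers jump back and forth by
    more than max_jump; a single radio's counter only climbs (mod 4096).
    Management frames are skipped: forged ones carry their own counter."""
    last, flagged = {}, set()
    for _, subtype, src, seq in frames:
        if subtype != "data":
            continue
        if src in last:
            gap = abs(seq - last[src])
            if max_jump < gap < 4096 - max_jump:   # ignore normal wraparound
                flagged.add(src)
        last[src] = seq
    return flagged
```

Both checks say nothing about the WPA passphrase itself; they only show that the MAC-filter and hidden-SSID layers leave a trace when bypassed.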
