MAC Address

Martijn van Oosterhout kleptog at svana.org
Fri Oct 18 16:09:40 EST 2002


On Thu, Oct 17, 2002 at 10:26:31PM -0700, ht lee wrote:
> 
> Hi All,
> 
> I was reading about the insecurity of 802.11b and I was just curious why
> would the vendors allow the MAC address of a wireless network to be
> changed? All the websites that I visited only say that it allows MAC
> spoofing, but never say why in the first place they allow MAC address to
> be changed?

I guess it's because when sending a packet, the card doesn't even look at
it's own MAC address. At least with normal network cards the MAC address is
given to the card, but it is the users (ie kernels) responsibility to use
it.

So when you are changing the MAC address of your interface, you're not
changing the card at all, the kernel is simply using the one you gave rather
than the one burned into the card.

There are many reasons why the packets you send would not have your MAC
address, bridging being the obvious. Consider if you told people that no TCP
packets you send could have an IP other than the one attached to your
interface. You wouldn't be able to route anymore. But that also means you
can spoof your IP address.

Hope this helps,
-- 
Martijn van Oosterhout   <kleptog at svana.org>   http://svana.org/kleptog/
> There are 10 kinds of people in the world, those that can do binary
> arithmetic and those that can't.



More information about the wireless mailing list