relying on mac-based authentication
Written by jlgaddis on July 18, 2006 – 12:50 am -Why, after all this time, do people STILL rely on MAC-based authentication? Can someone tell me that?
First, let me say that we employ MAC-based authentication on the wireless network I set up at $work. We do not rely on it, however.
In order to get a valid IP address from our DHCP server, the access points must “authenticate” your MAC address. You could spoof or change your MAC in order to get onto our wireless network. It wouldn’t do you much good, however.
The access points are configured such that one client cannot talk to another client. In addition, once you’re associated with the A.P. and have a valid IP address from the DHCP server, you still can’t do anything! You are, in effect, on an isolated subnet. ACLs are in place that prevent your device from communicating with anything else in the world except for a VPN server on another subnet. In order to “get out”, you first have to establish a VPN connection. This, of course, requires valid credentials.
Even though, you’re somewhat limited. ACLs in place there allow outgoing traffic on 22/TCP, 80/TCP, and 443/TCP. That’s it. Yes, I know that one could set up proxies outside of our network or otherwise bypass these restrictions, but I’m not too concerned with that, to be honest.
Maybe that’s it. Maybe people just aren’t concerned if others “spoof” their MAC addresses and gain access to their wireless networks?
Case in point: Netsurf USA. They provide Internet access to this small town over 802.11 wireless. We have two large water towers, one at each end of town. They’ve got large 802.11 antennas on top of these two water towers, and they put a directional antenna at each customer’s site in order to get them connected. I noticed this tonight when I was sitting on the front porch with the laptop. (Remember, Blueriver hasn’t gotten my DSL up and running as of yet).
NetStumbler showed me a few networks and I remembered these particular SSIDs. I fired up aircrack-ng and it immediately spit out the MAC addresses of a few clients that were communicating with the access point.
Guess how long it took me to get connected (hypothetically, of course). =)
Tags: networking, security | No Comments »
