> Wireless: Bypassing Mac Filtering, Tutorial
bombshop
post Jan 5 2007, 09:19 PM
Post #1





Sometimes when you scan the neighborhood for wireless connections, you see open connections but cannot connect to them. This can happen because they use MAC filtering to secure their network.
I will try to explain how to bypass this protection.

NOTE: This is for EDUCATION purposes only, to show you that it is possible to bypass this security. I am not responsible for unauthorized use of this information.

Requirements :

1- You need some tool for sniffing the traffic. I suggest using Aircrack-ng (http://www.aircrack-ng.org/)
2- You need some tool to change your MAC address. I use MacMakeUp (http://www.gorlani.com/publicprj/macmakeup/macmakeup.asp)

Action On Windows:
First you need to sniff the traffic around you. Open Airodump, read the screen and make your selections.
For me it is: Interface = 4 Intel Pro® Wireless 2200bg, Interface type = a, Channels = 0 (if you want to sniff the traffic on all channels), Output file prefix: up to you, Only write WEP IVs: y (this will save you some space), then proceed.
Edit: ipw2200 will not work under Windows; I used a USR USB stick to capture the traffic around me.

You should see something like this on your screen:
BSSID, First time seen, Last time seen, Channel, Speed, Privacy, Power, # beacons, # data, LAN IP, ESSID
00:**:BF:53:**:**, 2006-12-09 21:29:36, 2006-12-09 21:35:54, 6, 54, OPN , 13, 224, 62, 192.168. 2. 2, AIRTIES
Station MAC, First time seen, Last time seen, Power, # packets, BSSID, ESSID
00:**:F0:BF:**:**, 2006-12-09 21:29:39, 2006-12-09 21:35:40, 16, 79, 00:**:BF:53:**:**, AIRTIES

It also logs the details to a text file in the same directory.

This tells you that 00:**:F0:BF:**:** is the client connecting to that network, so you can confidently assume that it is on the allow list. So open MacMakeUp, select your interface and enter this MAC address without the colons. Click press and it will cycle your interface.

The next time you try to connect to that network, it will succeed :)


In Linux you can use
airodump-ng -c 0 -w Prefix eth1
This tells it to monitor all channels on interface eth1 and log them to a file with the prefix given after -w.
If you don't know your wireless card's interface, type iwconfig or ifconfig -a

Conclusion:
As you see, it is possible to bypass this security precaution. More importantly, if someone monitors your connection they may be able to get crucial information about you. For example, I can see what sites the network clients have been surfing. MAC filtering must not be trusted for securing your network. You must use password protection in order to secure your network (preferably WPA, not WEP; I will explain it in another article). So that's all for today.

Can ISIKLI (bombshop)

This post has been edited by bombshop: Apr 4 2007, 10:31 AM
Lewisthemusician
post Jan 5 2007, 10:10 PM
Post #2





:D
This is not very nice for me, I am a Mac user. lol
STOP TELLING PEOPLE
Jokes
I don't really care, but this is cool, I could work a way round this.

Thanks for this tip

-Lewis
bombshop
post Jan 6 2007, 12:41 PM
Post #3





As you can tell, unauthorized users using your connection is not the only problem here. For example, if you choose to capture all the traffic (not only IVs), they can tell what sites you have been visiting. And as they capture all the traffic, they can sniff your passwords or so.
So be aware :)
Lewisthemusician
post Jan 6 2007, 01:14 PM
Post #4





I could maybe just put all my secret stuff in an encrypted folder, which would stop people from getting my information. I can encrypt all my information. Simple and effective. :D
issdiscovery04
post Jan 7 2007, 08:49 PM
Post #5





Except encrypting folders and files is worthless unless the encryption is higher than 128 bits. A decent computer with the right software can easily crack 64 bits in 5 minutes at most.
bombshop
post Jan 28 2007, 12:02 AM
Post #6





Encrypting your folders and files is one thing, but encrypting your wireless network connection is for sure another thing. Let me tell you one thing: just by listening to the network traffic, I have one of my friends' mailbox and password INDEED OPEN!!! You know what that means? It means that I have UNRESTRICTED ACCESS to the e-mail account that has been compromised! And let me add, I can read Google mails that have been read by the "victim". Just beware. And also, it took me 31 seconds to crack a 64-bit WEP key with nearly 300,000 IVs.
For your attention..

This post has been edited by bombshop: Jan 28 2007, 12:03 AM
ncinar
post May 29 2007, 04:36 PM
Post #7





Hello
First I would like to ask this: does what is written here have to be done with airodump? My card has a bcm4318 chip and airodump does not support it, but the airopeek program can capture traffic.
Thanks
bombshop
post Jun 13 2007, 05:23 PM
Post #8





QUOTE(ncinar @ May 29 2007, 07:36 PM) *
Hello
First I would like to ask this: does what is written here have to be done with airodump? My card has a bcm4318 chip and airodump does not support it, but the airopeek program can capture traffic.
Thanks

Honestly, I haven't really tried any other programs, but I think you can find a driver that suits your card. Maybe you can try using BackTrack. In BackTrack, for example, I never had to struggle to get my card recognized. Maybe it recognizes your card too.
SilverFox
post Jun 13 2007, 05:46 PM
Post #9





Well, this is all good and nice; however, where I live few people have Ethernet LANs, much less wireless. My best security advice on this matter:

Use Ethernet.
iGuest
post Feb 1 2008, 01:48 PM
Post #10





explain to me how to by-pass a wireless connection
Wireless: Bypassing Mac Filtering

Replying to bombshop: Hello, I am really impressed by your knowledge. I know computers, but not as well as you. I have a wireless Toshiba computer, a Pentium M, and there is a wireless internet connection in my area. It always indicates to me that I should put in the network key, so teach me like a small child: explain to me every step you mention in detail. I am really waiting to hear your reply through my Yahoo mail, XXXXX@yahoo.Com. Thanks, please reply to me.



-mado



--------------

Edit : mado, do not put your E-mail address here, it's safer to use our PM system.