Finding a MAC address

Live forum: http://forum.freeipodguide.com/viewtopic.php?t=77737

hairyferry

05-11-2008 14:33:49

I'm trying to block someone from my router so I need to find their MAC address. Is there a way I can find it without physically going to their computer? I'm using a linksys router.

TFOAF

05-11-2008 14:59:47

I'm sure that there is some log on the router's settings ...

192.168.1.1 where you can view the IPs and the MAC addresses...

Or...I know up at school here when I installed the Linksys router...it came with software and I saw someone connected that was torrenting and it gave me the IP and MAC address.

dmorris68

05-11-2008 15:11:44

I'm assuming this is a neighbor or someone nearby who is hijacking your WiFi? If so, then yes you should be able to do it, either through your router or with some specialized sniffing software, but the learning curve would probably be high for you if you aren't the network techie type.

A better approach for this case is to enable MAC filtering in your WiFi router, which IMO everyone should do anyway -- all of my access points do this. That way, ONLY those MACs in the list have access, all others are denied. This combined with proper encryption (WPA or better), changing the SSID from factory default, and disabling SSID broadcast will keep the neighbors out. WPA2 has yet to be cracked by anything other than brute force, and a properly strong passkey will prevent anything short a room full of Cray super computers from brute forcing their way in.

Now if you're talking about an internet user who has discovered your IP and is attacking or otherwise hitting you from the internet side, then it's a lot harder. Most people are behind one or several firewalls and routers, which block and override MAC addresses. If you could see a MAC, chances are you'd be blocking the last router in the hop (and everyone behind it) rather than the person. They could easily just come back in from another route in that case.

hairyferry

05-11-2008 15:18:00

ok cool thanks guys.

manOFice

05-11-2008 16:05:17

[quoteed41d194bd="dmorris68"]I'm assuming this is a neighbor or someone nearby who is hijacking your WiFi? If so, then yes you should be able to do it, either through your router or with some specialized sniffing software, but the learning curve would probably be high for you if you aren't the network techie type.

A better approach for this case is to enable MAC filtering in your WiFi router, which IMO everyone should do anyway -- all of my access points do this. That way, ONLY those MACs in the list have access, all others are denied. This combined with proper encryption (WPA or better), changing the SSID from factory default, and disabling SSID broadcast will keep the neighbors out. WPA2 has yet to be cracked by anything other than brute force, and a properly strong passkey will prevent anything short a room full of Cray super computers from brute forcing their way in.

Now if you're talking about an internet user who has discovered your IP and is attacking or otherwise hitting you from the internet side, then it's a lot harder. Most people are behind one or several firewalls and routers, which block and override MAC addresses. If you could see a MAC, chances are you'd be blocking the last router in the hop (and everyone behind it) rather than the person. They could easily just come back in from another route in that case.[/quoteed41d194bd]

Agreed, I would def not broadcast your SSID and change it since the user knows what it is already, so change the SSID and then don't broadcast it, also add the security in. WEP should be enough for home users but do WPA or WPA2 if you feel kinky ;)

My next door neighbor is broadcasting their network with zero security so if i was a dick i could cancel my internet and hijack hers but i don't do that.

hairyferry

05-11-2008 16:37:03

i actually went into the router and you click on wireless security and you can see any mac address that is currently active on the network, then you just click and block... yeeah.

manOFice

05-11-2008 19:03:30

[quote4f01070e4c="hairyferry"]i actually went into the router and you click on wireless security and you can see any mac address that is currently active on the network, then you just click and block... yeeah.[/quote4f01070e4c]

Yep, that works ;) and if you take our advise no one can even see your wireless network let alone get into it if they can ;)

dmorris68

05-11-2008 20:25:46

[quotea5cacb2f3b="manOFice"]WEP should be enough for home users but do WPA or WPA2 if you feel kinky ;) [/quotea5cacb2f3b]
Not so! WEP is cake to crack, usually in seconds, and anybody with access to Google can do it easily -- it doesn't take a "hacker." The WEP standard was broken and the exploit was discovered early and codified into a number of tools available for free download. Anybody thinking they're safe behind WEP are sorely mistaken. However if you're stuck with very old equipment or drivers that can't do better, at least use WEP 128 + disable SSID broadcasts + enable MAC filtering, and you'll keep the laziest "hackers" out -- but the serious ones will still get in, so I'd be upgrading equipment if I were you.

BTW home users are one of the easiest targets of hackers, not just businesses, so don't think security isn't just as important at home. Many would argue the opposite, in fact, considering the amount of personally damaging information that could be attained by someone infiltrating your network.

JennyWren

05-11-2008 23:18:54

I think one of the best things is disabling your SSID broadcast. If they don't know you're there, they won't be trying to hack into you. The MAC filtering is handy so long as you don't have friends over or anyone else who might occasionally use your wireless. It can be a bit of a pain in those circumstances (took me a while to figure out why I couldn't connect my laptop to my parents' wireless!).

Make your network unappealing, and hopefully the intruder will go somewhere else. There's usually a "linksys" connection out there...heh...thankfully.

dmorris68

06-11-2008 19:09:50

[quote724a5ebd26="dmorris68"]WPA2 has yet to be cracked by anything other than brute force, and a properly strong passkey will prevent anything short a room full of Cray super computers from brute forcing their way in.[/quote724a5ebd26]
Of course, just as soon as I post that...

I'm roaming around BoyGenius today looking at AT&T Fuze release info (trying to make up my mind on that or an iPhone), and what do I run across? Somebody plans to reveal next week some breakthrough they've discovered in cracking WPA, rendering it as useless as WEP. roll

http//www.boygeniusreport.com/2008/11/06/wpa-is-the-new-wep-and-by-that-we-mean-useless/

[quote724a5ebd26]Next week at the PacSec Conference in Tokyo, security researcher Erik Tews is expected to put on quite a show. Tews will be showcasing what he describes as the first practical attack on the widely used WPA Wi-Fi security protocol. Tews’ attack, discovered during testing performed with his co-researcher Martin Beck, tricks the router into sending him a large amount of data and combined with a “mathematical breakthrough,” Tews is able to break WPA much faster than any previously tested method. In fact, it reportedly takes between 12 and 15 minutes to execute. The attacker is then able to access data passed from the router to the laptop and even transmit data to a client computer connected to the router. Tews will be publishing his work in an upcoming academic journal and parts of his code have already been implemented in his partner Beck’s publicly available Wi-Fi encryption hacking tool. Great. So it looks like WPA is well on its way to becoming the new WEP - perfect for keeping your neighbor’s 12-year old daughter off your network but pretty useless beyond that.[/quote724a5ebd26]

Figures. Give somebody enough time and no life, and they'll crack their way through anything. Still, for the time being it's the best option you've got, so use it, along with the other stuff I mentioned, and you should be secure for now.

Oh and BTW, blacklisting the MAC in the router is easy enough for a quick fix, but if the person figures out that's why he can't connect, he can easily spoof any MAC he wants and get right back in. You really should consider all the other measures if you want to have any reasonable expectation of security.

ilanbg

06-11-2008 20:40:55

This is why I stick to dial-up.

No one's hacking my phone lines, bitches.

manOFice

07-11-2008 09:56:50

[quote8f83130c05="JennyWren"]I think one of the best things is disabling your SSID broadcast. If they don't know you're there, they won't be trying to hack into you. The MAC filtering is handy so long as you don't have friends over or anyone else who might occasionally use your wireless. It can be a bit of a pain in those circumstances (took me a while to figure out why I couldn't connect my laptop to my parents' wireless!).

Make your network unappealing, and hopefully the intruder will go somewhere else. There's usually a "linksys" connection out there...heh...thankfully.[/quote8f83130c05]

Name your SSID " 56k Dial Up" lol lol lol

So if someone does find you, they hopefully wouldn't try, heh