mercredi 11 février 2015

How to stop programs like airodump-ng from seing my clients mac ID and sending deauth packets?



I'm quite familiar on the aircrack-ng suite and I was wondering if there is a way to stop "airodump-ng mon0" from seeing my client's mac ID's. This is very sensitive information a program can get without even being connected to the AP. How is this possible exactly for the software to find without being connected?


On the second part (a very irritating fact) people use the macchanger -r or -m mon0 command to spoof there mac making it nearly impossible to track in wireshark or anything, but the router see's right past the faked mac and shows the actual even when spoofed. Why is that and could am attacker hide a real mac when connecting to a wireless access point?


Lastly how can I stop or prevent (make it harder) to execute a (ddos) deauth packets? "aireplay-ng -0 -0 -a [AP_MAC] -c [CLIENT_MAC] --ignore-negative-one mon0" This command can cause serious problems with denial of service on client's.


I have heard a couple things about changing the channel to something high but it get's into legal issues and other thing's with antennas.





Aucun commentaire:

Enregistrer un commentaire