Most routers have a MAC filter on them and during an attack a MAC could be blacklisted so someone in backtrack or Kali could fake their MAC with macchanger -r mon0 setting it to a random one.
I "tried" to do some testing on this. When I monitor mon0 via Wireshark while sending --deauth packets to my own AP and Client it does not show my actual MAC, However when I fake my MAC and connect to my router and run a scan with "fing" on my IOS device it shows the actual real MAC of the device and not the fake one; the router sees the real one as well. Note the device with the faked MAC and the IOS device were on the same network.
How can I spoof or fake my MAC ID in Kali so scans and routers never see the real one and is there a way to "unmask it"?
Basically, why do scans and routers see the real MAC and is there a way to make these see the "spoofed one"? Is there an IDS that can detect a spoofed MAC?
Aucun commentaire:
Enregistrer un commentaire