Which of the following wireless security measures can an attacker defeat by spoofing certain properties of their
network interface card?
Disabled SSID broadcast
MAC filtering is typically used in wireless networks. In computer networking, MAC Filtering (or GUI filtering, or
layer 2 address filtering) refers to a security access control method whereby the 48-bit address assigned to
each network card is used to determine access to the network.
MAC addresses are uniquely assigned to each card, so using MAC filtering on a network permits and denies
network access to specific devices through the use of blacklists and whitelists. While the restriction of network
access through the use of lists is straightforward, an individual person is not identified by a MAC address,
rather a device only, so an authorized person will need to have a whitelist entry for each device that he or she
would use to access the network.
While giving a wireless network some additional protection, MAC filtering can be circumvented by scanning a
valid MAC (via airodumping) and then spoofing one’s own MAC into a validated one.