Why MAC Address Filtering on Wi-Fi Router is never a brilliant idea to practice

By | May 7, 2017

MAC address filtering lets the user set a list of devices to be allowed over own Wi-Fi network. However, in real, to be assured about safety this way is a tough aspect, that can be easily breached. There are many people over the globe to feel accomplished about safety aspects through this arrangement. But in real, that is definitely not the case.  


The concept behind MAC Address filtering strategy:

Every device comes with an exclusive media access control address or MAC address that spots it on a network. In general, the routers allow a device to be connected as it understands the right passphrase. MAC address filtering involves comparison of MAC address of a device with its set list of MAC addresses.

Here a device is allowed only to the specific Wi-Fi network, only if its Mac address is particularly acknowledged. The router mostly lets the user in configuring a compilation of MAC addresses over its web interface, letting them in choosing the specific device they can connect to your network.

MAC Address Filtering Can Never Guarantee Ultimate Security

As explained above. MAC address filtering provides security for the user is no more an assured concept. It’s a fact that MAC addresses can be smoothly be got in various operating systems. It means any device could be made-up to have one of those authentic and exclusive MAC address. These addresses can be easily got as well.

These are delivered over the air with every packet visiting in to and coming out of the device, as the MAC address is basically to make sure that every packet gets the actual device.

In short, the simple task that a hacker has to do here is to monitor the Wi-Fi traffic for a negligible amount of time. The attacker simply has to test a packet to get the MAC address of an authentic device, alter its MAC address to the accepted MAC address, and link in place of that device.

Some people have to claim that this attempt can never be practiced as the device remains already in connection. But, a deliberate attack that effectively disconnects a device from the Wi-Fi network can easily allow the attacker to get the connection back at its place. This can be claimed with such confidence as there is no scarcity of tools on this context. There are a variety of tools available on this regard. Kali Linux can be an equivalently fantastic tool that uses Wireshark to spy on a packet, execute a command to alter the MAC address, make use of aireplay-ng to deliver packets to the client, and then link it back at its place.   

Whole of this process could easily be practiced within just 30 seconds. Moreover, it doesn’t require any extensive technical skill. All these can be practiced manually by a common person as well with following the right procedures. Well, there are various automated tools and scripts available these days, making things smoother and effective.

It’s way lot time consuming:

MAC address filtering and dealing with all its associated steps is never really a smooth aspect. When someone sets the MAC address filtering in its initial place, he/she has to get the MAC address from each device around, and accept it over his/her web interface. Needless is to say that this consumes a lot of time; ask someone who has tried it.

In addition, when a new device is found or someone asks for your Wi-Fi to use over his device, you have no other option left but to get into your router’s web interface and list the latest MAC addresses. Indeed, this is a much time consuming aspect in comparison ith the conventional method.

Leave a Reply

Your email address will not be published. Required fields are marked *