MAC address spoofing and YOU!

Who do I think will get the most out of this blog post?

Since I recently learned of this thing, I think people who have never heard of a MAC address would gain the most from this post. Anyone who knows more than me (I’m sure that’s most people) will be bored by this.

Anyway, enough self-deprecation from me. Let’s get into it.

What is a MAC address?

MAC stands for media access control. This is a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment. Other names for a MAC address include:

  • burned-in address
  • ethernet hardware address
  • hardware address
  • physical address

Basically, the MAC address is what identifies your computer or mobile device to the router that is serving the Wi-Fi. Routers also have MAC addresses.

What is MAC address spoofing?

Depending on who you are, you can use MAC address spoofing for good or for bad. Simply put, MAC address spoofing merely just means changing a MAC address.

For good, you can use this technique to reclaim some privacy. Because MAC addresses act as unique identifiers for Wi-Fi enabled devices, these addresses can be used to track your movements, whether by Starbucks for marketing purposes, creepy ex-lovers to follow you around or overbearing parents. To combat this, there are apps that you can use. Also, you can manually change your MAC address or use a MAC address randomizer. There’s a configuration you can set so that Windows will randomize your MAC address for you. It’s pretty easy. I’ll describe how to do that and check your MAC address via the command line terminal after I mention some of the bad things that someone can do with MAC address spoofing.

According to several sources, MAC address spoofing is very easy to do. The authors of one academic article describe spoofing as “changing the MAC address of a wireless device that exists in a specific wireless network using off-the-shelf equipment.”

Huh?! “…off-the-shelf equipment.” Sounds very accessible.

Then what? What types of “attacks” can one do after changing a MAC address? From the same article, the authors go on to describe the various attacks as such:

“[This] is a serious threat to wireless networks. For instance, an attacker can spoof the MAC address of a productive access point (AP) in WLAN-infrastructure mode and replace or coexist with that AP to eavesdrop on the wireless traffic or act as a man-in-the-middle (this attack is known as the evil twin attack). In addition, the attacker can flood the network with numerous requests using random MAC addresses to exhaust the network resources. This attack is known as resource depletion.”

Translation: there are several avenues of attack via MAC address spoofing.

So, why should you know about this? I’ve vaguely alluded to why already, but more directly, below are a few specific reasons.

  1. awareness — this is a relatively trivial thing to carry-out and no special equipment is required. So, in an ever-increasing digital world our spheres of situational awareness is going to have to incorporate the digital realm.
  2. personal security/anonymity — don’t feel like you’re powerless. You can use this to gain more control of your own privacy, which can provide peace-of-mind for some.
  3. understanding overcomes fear — there is great power in knowing thy enemy and the means by which they act maliciously. Arm yourself with knowledge and venture forth fearlessly!

How to check what your MAC address is… and Set your computer to use Randomized MAC addresses. Using Windows 10.

Checking your MAC address:

  • Open up a command line. Press the ‘windows button’ + ‘R’ and type cmd. Then click “OK”
  • A command line window will popup. Type ipconfig /all(I believe the equivalent of this for linux and apple devices is ifconfig) and press enter.
  • Look for your computer’s MAC address in the output. It’s going to put out a lot of information but look for something like “Wireless LAN adapter Wi-Fi.” On Windows, your device’s MAC address will be called a ‘Physical Address.’ Info redacted below for my own privacy.
I blocked many of the numbers for my privacy. I doubt it helps, but it makes me feel better.

Configuring your computer to use randomized MAC addresses:

  • Press ‘Windows button’ + ‘X’ and a menu will appear. Click on ‘Network Connections’
  • A ‘Settings’ window will popup, in that window click on ‘Wi-Fi’ in the left-hand menu
  • The next window will show a setting for “Random hardware addresses.” ‘Hardware address’ is just another way of saying MAC address. Set this to “ON” to enable randomized MAC addresses for extra privacy and security.

Final Comments

All this can seem overwhelming. At least it does for me oftentimes. However, the way I’ve overcome my overwhelm and gain peace-of-mind is by learning. What I know so far is probably spotty with lots of gaps of knowledge, but over time I’m filling in those gaps. Hopefully, by sharing what I learn, others can attain some peace-of-mind, as well.

Thanks for reading. A bientot, mes amis!

Work Cited:

A New MAC Address Spoofing Detection Technique Based on Random Forests

--

--

--

I’m a data scientist

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

InterValue: Analysis Of A New Anti-quantum Attack Cipher Algorithm

Content Delivery Network (CDN)

Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies

Interview with SCYTHE founder and CEO, Bryson Bort

It’s All “Backup” Nowadays? Wrestling With the Stored Communications Act

How to root Eurostar epad 4 et7003c f12

Root LG Phone

How to configure DLP and not to overlook a leak

Cyber security: why it shouldn’t be an add-on

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Sean Byrne

Sean Byrne

I’m a data scientist

More from Medium

How I Used OSINT to Find an Abandoned Hotel

Back to Basics: Hardening Computers & Smartphones

What is LLMNR Attack and how to mitigate

Everything You Need To Know About The Dark Web