Today I want to talk about Network Security, specifically misconceptions about a few network security methods that we commonly assume are fully secure when defending our network infrastructures. The goal is to highlight the flaws within them and prove a major point, one commonly seen in today's Cyber Security practice: the over reliance on tools and/or security methods. I will be talking about things like MAC address filtering, port security, and hiding SSIDs, the various ways they can easily be bypassed, and methods that can be added or stacked to improve upon them.
I'll be discussing the following topics in order: Premise; Over reliance on one set of tools or methods is a PROBLEM!; NEGATIVE PENALTY! MAC Address filtering can be bypassed!; NEGATIVE PENALTY! Hiding your SSID can be bypassed.
This article is part of the new Danger! Series I'm launching, where I raise more Cyber Security awareness about critical flaws and vulnerabilities that exist within various system infrastructures, including protocols and data communication methods, and the dangers of what could happen should they be exploited to the fullest extent. I also go over various mitigation strategies that can be used to prevent them. If there is an exploit video showing the full potential risk, it will be included in the advanced version of this article for PAID Patreon members only!
One of the biggest flaws in today's modern Cyber Security is the over reliance on a set of security methods/tools that one assumes is FOOLPROOF, with ZERO weaknesses.
This leads to us letting our guard down and not planning ahead for the various ways hackers could bypass our security methods (technical, physical, and operational), which prevents us from developing contingency plans that could back us up in case those options fail. Cyber Security, as I've said before, is a game of chess, one that requires you to be several steps ahead in order to defend our digital landscape.
To assume there is no weakness in a system, no matter how sound it might be, is a CRITICAL mistake, one that plagues the industry today (stares at the MITRE company data breach). Know this well... THERE IS NO SUCH THING AS A 100% SECURE SYSTEM. As long as a system is man-made, it will always contain some form of flaw or error. People make mistakes; therefore, their programs will reflect those mistakes.
MAC address filtering involves configuring a network access point to only allow permitted devices to authenticate and access the internal network. If an unauthorized user tries to access the internal network, the MAC address tied to their system will be checked and flagged by the access point if it isn't registered as a permitted device.
For most this would appear as a great form of security overall. Only the administrator that configured the MAC address cache for the access point will be able to see which MAC addresses you need in order to be permitted to the network. Solid right? WRONG!
Here is the major flaw with this setup... There are 2 EASY ways to bypass this rule.
#1:
You can tap into the direct network feed if you find an open PHYSICAL network port. This also allows you to bypass any authentication methods that might be in place, even if you manage to spoof the MAC address through other means and get blocked by the WPA2 authentication process.
Even if you find the right MAC address, if they have a complex password to join the network, then you're out of luck if you try to do this wirelessly and you can't crack the password. It is possible to bypass using just the MAC address alone, but like all forms of wireless security, it's constantly improving and evolving over time, making some of these methods hard if not IMPOSSIBLE to easily pull off.
Physical network taps, which typically do NOT require authentication, allow you to bypass this simple filter.
#2:
The MAC addresses for any and all systems that are connected to the internal network are sent out in data packets, via "stations" that are connected to the main access point.
With a simple tool like Aircrack-ng, you can use monitoring mode to sniff out all the data channels and see which systems are connected to the network to spoof any and all internal MAC addresses, allowing you to bypass the security and authenticate to the network.
Of course there are other means to do this, but these are methods that I have tried and have succeeded with that have allowed me to breach access points that I have personally set up for these types of tests.
A common trick that a lot of people use to prevent unauthorized network breaches is hiding their SSID, which is the name of the network. This is effective in that it hides SSID information from common means of exposure, like the GUI you use when selecting a wireless access point to connect to.
The problem with this is it can easily be bypassed by the same method mentioned in option #2 of how to bypass MAC address filtering.
Your SSID is also broadcast along with any and all MAC address information that is sent out in data packets. It has to be, otherwise our IoT devices would be unable to pick it up and identify it. THERE IS ALWAYS A WAY TO BYPASS ANYTHING! NOTHING IS 100 PERCENT SECURE!
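Why a hidden SSID is not a confidentiality control, shown as an added example that is not part of the original article: the beacon carries an empty or zeroed SSID element, but probe responses and association requests still carry the name in clear. The frames, the helper names and the SSID "corp-wifi" are constructed for illustration.

```python
import struct

FIXED_LEN = {0: 4, 4: 0, 5: 12, 8: 12}  # fixed-field bytes before the tagged elements
NAMES = {0: "assoc-request", 4: "probe-request", 5: "probe-response", 8: "beacon"}

def mgmt_frame(subtype, ssid):
    """Build a minimal 802.11 management frame (constructed test data, no FCS)."""
    header = struct.pack("<BBH", subtype << 4, 0, 0)       # frame control, duration
    header += bytes(6) * 3 + struct.pack("<H", 0)          # addr1-3, sequence control
    fixed = bytes(FIXED_LEN[subtype])
    return header + fixed + bytes([0, len(ssid)]) + ssid   # element ID 0 = SSID

def ssid_of(frame):
    """Return (frame kind, SSID), with SSID None when it is hidden or absent."""
    fc = frame[0]
    if (fc >> 2) & 0x3 != 0:
        raise ValueError("not a management frame")
    subtype = fc >> 4
    if subtype not in FIXED_LEN:
        raise ValueError("subtype not handled by this example")
    pos = 24 + FIXED_LEN[subtype]                          # skip MAC header + fixed fields
    while pos + 2 <= len(frame):
        eid, length = frame[pos], frame[pos + 1]
        body = frame[pos + 2 : pos + 2 + length]
        if len(body) < length:
            raise ValueError("truncated element")
        if eid == 0:
            hidden = length == 0 or not any(body)          # empty or all-NUL SSID
            return NAMES[subtype], None if hidden else body.decode("utf-8", "replace")
        pos += 2 + length
    return NAMES[subtype], None

def exposed_names(frames):
    """SSIDs recoverable from frames other than the beacon."""
    return sorted({s for kind, s in map(ssid_of, frames) if s and kind != "beacon"})

# Constructed sample: two styles of hidden beacon, then frames from a normal client join.
SAMPLE_FRAMES = [
    mgmt_frame(8, b""),              # beacon, zero-length SSID
    mgmt_frame(8, bytes(9)),         # beacon, NUL-filled SSID
    mgmt_frame(5, b"corp-wifi"),     # probe response
    mgmt_frame(0, b"corp-wifi"),     # association request
]

if __name__ == "__main__":
    for f in SAMPLE_FRAMES:
        print(ssid_of(f))
    print("exposed:", exposed_names(SAMPLE_FRAMES))
```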
Today's positive bonuses will focus more on how to defend against MAC address filtering bypasses, preventing an attacker from breaching the network via this security method.
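One control that can be stacked on a MAC allowlist is detection: an allowlisted address that shows up at two attachment points almost at once, or with a different DHCP hostname than before, is a sign the address is being reused by another device. This is an added example, not from the original article; the log format, allowlist, window and field names are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample data: allowlist plus attachment events
# (timestamp, MAC, switch port or AP, DHCP hostname).
ALLOWLIST = {"aa:bb:cc:00:11:22", "aa:bb:cc:00:33:44"}
SAMPLE_LOG = """\
2024-05-01T09:00:00 AA:BB:CC:00:11:22 ap-floor1 host=printer-1
2024-05-01T09:00:05 aa:bb:cc:00:33:44 sw1/gi0/7 host=laptop-7
2024-05-01T09:00:20 aa:bb:cc:00:11:22 ap-lobby host=desktop-x
2024-05-01T09:00:40 aa:bb:cc:00:11:22 ap-floor1 host=printer-1
2024-05-01T13:00:00 aa:bb:cc:00:33:44 ap-floor2 host=laptop-7
2024-05-01T13:05:00 de:ad:be:ef:00:01 sw1/gi0/9 host=unknown
"""
WINDOW = timedelta(seconds=60)  # assumption: a real device does not move this fast

def parse(line):
    ts, mac, where, host = line.split()
    return datetime.fromisoformat(ts), mac.lower(), where, host.split("=", 1)[1]

def detect(log, allowlist=ALLOWLIST, window=WINDOW):
    """Return (mac, reason, detail) alerts for events that the filter alone would miss."""
    last = {}    # mac -> (time, location) of the previous sighting
    names = {}   # mac -> first DHCP hostname observed
    alerts = []
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, mac, where, host = parse(line)
        if mac not in allowlist:
            alerts.append((mac, "not-allowlisted", where))
        else:
            prev = last.get(mac)
            if prev and prev[1] != where and ts - prev[0] <= window:
                alerts.append((mac, "concurrent-locations", f"{prev[1]} -> {where}"))
            if names.setdefault(mac, host) != host:
                alerts.append((mac, "hostname-changed", f"{names[mac]} -> {host}"))
        last[mac] = (ts, where)
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(*alert, sep="  ")
```

The slow move of the laptop from a wired port to an AP four hours later raises nothing, while the printer's address bouncing between two APs within seconds does.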
- The Hacker Who Laughs