2015-12-08 - Re: [GRASE-Hotspot] Having problems with users spoofing other user’s MACs

Header Data

From: Melvin Rufetu <me***u@gmail.com>
Message Hash: 40160ef743bb3495751966641235d032d35ace8bfec5d61044aefc60e6194830
Message ID: <CAO=RDXVr-U73vFMeKOekZtpnFfUAa0OQ9DdopcfmM4wTr-TaKQ@mail.gmail.com>
Reply To: <CAESLx0Lu6rsDP_jcBbsOxMYUYFmB01tbshgF3Gu2ZifSi_VMYQ@mail.gmail.com>
UTC Datetime: 2015-12-08 06:17:04 UTC
Raw Date: Tue, 08 Dec 2015 15:17:04 +0200

Raw message 

Thanks. That helped, I'll try work out a solution the information you
provided. If I do work one out, I'll be sure to post it in the WIKI


On Mon, Dec 7, 2015 at 1:56 PM, Timothy White <ti***8@gmail.com> wrote:

> Hi Melvin
>
> Unfortunately the only solution to this is to do things to prevent them
> discovering other MAC addresses. There is WiFi client isolation offered by
> some access points. That's probably a start. You'll also need to ensure the
> connections are secured (so no open WiFi, it'll need a password). You may
> also need some additional configuration on switches and firewall to prevent
> clients talking to each other.
> The key is preventing the clients from attempting to talk to other clients
> (so for example they could normally ping all IP's in a range, then check
> the ARP table for MAC addresses), so they can't learn other MAC addresses
> that are in use.
>
> If you do work out a solution, please share with us the setup so we can
> put it in the Wiki so others can do the same. I expect if using something
> like Hostapd on a server, with a single WiFi card, just doing client
> isolation in hostapd would be enough. If you have multiple AP's connected
> to switches, then you'll need to do more to prevent each AP's clients
> talking to another AP's clients (some sort of firewall either on the AP or
> switches).
>
> Hope that points you in the right direction.
>
> Regards
>
> Tim
>
> On Thu, Dec 3, 2015 at 6:26 PM, Melvin Rufetu <me***u@gmail.com>
> wrote:
>
>> There's a group  of students that's been causing problems for me by using
>> Wireless Network Watcher to sniff out other users on the network and then
>> changing their MAC addresses to any one of the ones they find when
>> sniffing. They end up using other user's data allowance and causing
>> problems for the business. I recently caught one of them and had him
>> arrested but the irregularities in my other user's accounts haven't been
>> fixed. What can I do to fix this?
>>
>> --
>> This mailing list is for the Grase Hotspot Project
>> http://grasehotspot.org
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "Grase Hotspot" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to gr***e@grasehotspot.org.
>> To post to this group, send email to gr***t@grasehotspot.org.
>> Visit this group at
>> http://groups.google.com/a/grasehotspot.org/group/grase-hotspot/.
>> To view this discussion on the web visit
>> https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/f8064e21-183d-4477-9549-ce7b97fd69a2%40grasehotspot.org
>> <https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/f8064e21-183d-4477-9549-ce7b97fd69a2%40grasehotspot.org?utm_medium=email&utm_source=footer>
>> .
>>
>
> --
> This mailing list is for the Grase Hotspot Project http://grasehotspot.org
> ---
> You received this message because you are subscribed to the Google Groups
> "Grase Hotspot" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to gr***e@grasehotspot.org.
> To post to this group, send email to gr***t@grasehotspot.org.
> Visit this group at
> http://groups.google.com/a/grasehotspot.org/group/grase-hotspot/.
> To view this discussion on the web visit
> https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/CAESLx0Lu6rsDP_jcBbsOxMYUYFmB01tbshgF3Gu2ZifSi_VMYQ%40mail.gmail.com
> <https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/CAESLx0Lu6rsDP_jcBbsOxMYUYFmB01tbshgF3Gu2ZifSi_VMYQ%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>

Thread