Question about mac filtering / mac spoofing

[mxmaniac]

So I know most people say mac filtering is pretty much pointless, because any potential hacker can easily spoof their mac address to match one of yours.

However, if they did do that, what happens when 2 devices both have the same mac address. Wouldn't there be conflicts? Wouldn't one device keep getting booted off, not getting packets correctly, or other issues? Wouldn't this conflict potentially slow down any attacker? What exactly happens in this dual mac scenario?

 

[spidey07]

They both receive each other's traffic. And your machine isn't always going to be on.

Mac filtering is useless. The addresses are sent in the clear. I could sit outside your place and read the macs of all connected devices. Easy to duplicate.

 

[JackMDS]

You should use WPA2 (AES), or if not supported, use WPA.

When using encryption the MAC filter does not add meaningful security.

When using Only MAC filtering (as mentioned above ) your wireless traffic includes clear text and can be easily intercepted.

😎

 

[mxmaniac]

I do actually use WPA2 with a long passkey, but I've always used mac filtering also, even though I know it does very little.

So both devices recieve each other's traffic? Do they both get assigned the same IP address, and does the router see them as one? Could any of the hacker's traffic appear on the machine they spoofed, giving a flag that something is amiss?

I realize this is an unlikely scenario, but I'm just curious how things work if there were duplicate devices.

 

[spidey07]

Mac is layer 2. Ip addresses don't matter at l2. That's layer 3

Ap operates at l2 and is unaware nor cares about ip addresses. It's a l2 bridge.

 

[John Connor]

When I was hacking wireless networks MAC filtering just added a layer of a PITA. Nothing more. That was years ago though before I had high speed Internet.