Saturday, November 26, 2011

Why MAC address filtering is not perfect

MAC addresses - which are different for each device on your network - may seem to be the perfect way to keep out intruders, but there's a catch. Since you can change the MAC address on most modern hardware, someone could theoretically connect to a filtered network by spoofing the MAC address. This makes the MAC address somewhat like a password, right? Not exactly. First, no two devices on a network can have the same MAC address, so if your PC is connected, and someone else tries to break in by spoofing your MAC address, the attempt will fail. Second, each PC has its own MAC address and its own entry on your router's MAC address filter page; this means that an administrator can remove a compromised entry without affecting any other PCs. (This is in contrast to the single WPA-Personal passphrase or WEP encryption key that everyone on the network shares.)

The real problem is that, like the hidden SSID dilemma, a savvy intruder can use monitoring software to grab MAC addresses out of the air and use them to connect. Think it's difficult to change the MAC address? Think again. You can use Mac Makeup, available for free from http://www.gorlani.com/publicprj/macmakeup/macmakeup.asp, or MadMACs, free from http://www.irongeek.com/i.php?page=security/madmacs-mac-spoofer, to change your wireless adapter's MAC address in a few moments.

You can also change your MAC address - without any special software - by editing the Registry. Open Registry Editor and expand the branches to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}. Press Ctrl-F, type DriverDesc in the box, and click Find Next. Press F3 to cycle through the subkeys here (e.g., 0001, 0002, etc.) until you hit the one where the DriverDesc value matches the name of your wireless adapter. Once you stumble upon the correct key, select Edit → New → String Value, and name the value Network Address. Double-click the new value, type the MAC address you want to use in the Value data field (without any hyphens, like this: 040815162342), and click OK. To put the new address into effect, use the Network Connections window to disable and then re-enable your network adapter (or restart Windows).

Of course, there are plenty of legitimate reasons to change one's MAC address, such as troubleshooting or conflict management. Even your router probably has a way to change its MAC address - via the MAC Address Clone feature - to match your PC's address so remote servers that have been configured to permit access from your PC won't reject your router.

All this means that there's no such thing as an impenetrable wireless network. If you really care about security, abandon wireless and stick with cables.

The Ethics of WiFi

Once you get the technical details out of the way, the one remaining hurdle when considering using someone else's Internet connection is a question of ethics. There are countless personal wireless networks around the globe and most of them, you'll find, are unsecured. This means that you can literally walk down the street in a populated area and probably find a working wireless Internet connection before you reach the end of the block. Some will have been left open intentionally, but most will be unsecured merely because their owners don't have the benefit of the "Set Up a Wireless Router".

Now, just because you can connect to these networks, does it mean you should? Are you taking advantage of someone else's ignorance by breaking into his private network, or are you simply making use of a public resource that you'd be equally eager to share? I'm not about to try to solve this dilemma in these short pages; I only wish to raise the question, and to suggest that if you do ever decide to utilize someone else's wireless network, that you not do any harm. Think about your impact, both on the bandwidth of the foreign network and the privacy of those who operate it.

And then tread lightly.
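
Because a filter entry only proves that a client presented an allowed address, an administrator can watch for the cloning problem described earlier by checking whether an allowed MAC address keeps showing up with the same client identity. The following is an added example, not part of the original post; the log format, hostnames and addresses are constructed assumptions and do not reflect any particular router's output.

```python
import re

# Constructed sample: simplified DHCP request log lines (assumed format):
# timestamp, client MAC, client hostname, DHCP vendor class string.
SAMPLE_LOG = """\
2011-11-26T08:01:10 DHCPREQUEST mac=00:1B:77:AA:BB:01 host=alice-pc vendor="MSFT 5.0"
2011-11-26T08:03:42 DHCPREQUEST mac=00:1B:77:AA:BB:02 host=bob-laptop vendor="MSFT 5.0"
2011-11-26T19:30:05 DHCPREQUEST mac=00:1b:77:aa:bb:01 host=alice-pc vendor="MSFT 5.0"
2011-11-26T23:47:51 DHCPREQUEST mac=00-1B-77-AA-BB-01 host=netbook vendor="dhcpcd-5.2.12"
2011-11-26T23:52:13 DHCPREQUEST mac=02:00:00:12:34:56 host=guest vendor="MSFT 5.0"
"""
SAMPLE_ALLOWLIST = ["00:1B:77:AA:BB:01", "00:1B:77:AA:BB:02"]  # constructed

LINE_RE = re.compile(r'^(\S+) DHCPREQUEST mac=(\S+) host=(\S+) vendor="([^"]*)"$')

def normalize_mac(raw):
    """Return 12 lowercase hex digits, or None if raw is not a MAC address."""
    digits = re.sub(r"[-:.]", "", raw).lower()
    return digits if re.fullmatch(r"[0-9a-f]{12}", digits) else None

def find_anomalies(log_text, allowlist):
    """Return sorted (mac, reason) pairs worth an administrator's attention."""
    allowed = {normalize_mac(m) for m in allowlist}
    first_seen = {}   # mac -> (hostname, vendor class) from its earliest request
    findings = set()
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        mac = normalize_mac(match.group(2)) if match else None
        if mac is None:
            continue  # skip lines that do not parse
        identity = (match.group(3).lower(), match.group(4))
        if mac not in allowed:
            findings.add((mac, "not on allowlist"))
        elif first_seen.setdefault(mac, identity) != identity:
            # Same filtered-in address, different client fingerprint.
            findings.add((mac, "identity changed: possible cloned MAC"))
        if int(mac[:2], 16) & 0x02:
            # Locally administered bit: address was set in software.
            findings.add((mac, "locally administered address"))
    return sorted(findings)

if __name__ == "__main__":
    for mac, reason in find_anomalies(SAMPLE_LOG, SAMPLE_ALLOWLIST):
        print(mac, reason)
```

A hostname or vendor class can be changed by the client as well, so a clean result here does not prove that no address was cloned.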
