Detecting Spoofed MAC Addresses On 802.11 Nets

Joshua Wright writes "I have written a white paper on detecting spoofed MAC addresses on wireless LAN's. This paper describes some of the techniques attackers utilize to disrupt wireless networks through MAC address spoofing, demonstrated with captured traffic that was generated by the AirJack, FakeAP and Wellenreiter tools. Utilizing the techniques I describe, it is possible to identify users who utilize spoofed MAC addresses on 802.11 networks to launch denial of service attacks, bypass access control mechanisms, or falsely advertise services to wireless clients."