This is probably off topic but interesting. I did a mac spoofing test today with webauth included. The schenario is a guest with a open authenticatino and web-auth. A Windows 7 machine.
A Ubundu is sniffing the mac address and puting it on its wifi card. And Is able to steal the session (the mac address of win7 already logged on the web-auth, therefore its MAC is allowed passed the WEB authentication mecanism. It seems that both can be associated to the same AP but traffic is being split accross the computers according to which is more busy. I went with the Ubundu to another floor where it associated to another AP. Still it worked so both PCs maintained a connection, but with packet loss for both. I saw in the WLC that one time the MAC address was associated to ground floor ap and after one refresh it was on the 5th floor. So jumping the association list back and forth. Even though there was a packet loss while both where connected they still where associated. Anyone care to comment ? The thing that bugged me the most was that they could both be associated to the same WLC without association problems. This test was with WISMs and 7.0.98 software. regards. Kristjan _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
