Forum

Chapter 4 - Denial of Service in the CWSP guide 2nd edition. page 111 says:

"The first step would be to capture a valid clients MAC address, which is easily done if the network is not using encryption"

BUT isnt the clients MAC address always sent in the clear even if encryption IS used? From the CWNA i thought encryption works from the LLC layer up, therefore the MAC address can be captured regardless of whether encryption is in place or not??

Hi Sdandeker:

Your point is well taken. MAC addresses in IEEE 802.11 frames are exposed to view regardless of encryption.

The example that follows on CWSPv2 pages 111 and 112 is a session hijack at a public hot spot. The lack of encryption in the legit access point (AP) sets the stage for a relatively easy data transfer between the rouge client and the legit AP.

I think the writers did not mean to imply that MAC addresses are ever encrypted, even though it does read that way.

I hope this helps. Thanks. /criss hyde

Thanks Criss. I see where they were going but I still think it's misleading to the reader.