OpenWrt Forum Archive

Topic: How to prevent airodump-ng from scanning my WiFi network ?

The content of this topic has been archived on 23 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Hello,
Yesterday I decided to check how secure is openwrt , so I installed Kali Linux and scanned WiFi networks by using
"airodump-ng mon0" command and it listed my WiFi network and the connected clients with Mac address of each of them (I am actually not connected to the WiFi network) . My question is how can I prevent this program from listing my connected clients and their Mac addresses and is it possible to use iptables in order to block that program ? Anyway my network security type is WPA2-PSK.

no way, its catching and analyzing standard wifi packets using monitor mode, you can only disable wifi to prevent this
wpa2-psk is strongest auth/cypher for home use, but don't use passwords less than 12 symbols, weaker passwords can be bruteforced using catched handshake for hours

(Last edited by stas2z on 19 Jul 2016, 08:41)

Indeed, anyone can passively listed to your radio, as long as you are broadcasting..... So turning off you wifi is the only solution:P But the advice above is good, use WPA2 (with AES), have a long password and you should be fine. There will be much easier targets around you to attack than you.

In IEEE 802.11 mac addresses (source and destination) are not encrypted, no matter if you use wpa1/2 or anything you want, the encrypted is the payload data only.

You can imagine the huge overload for a wifi device if mac addresses would be encrypted, it would be needed to decode all packets to know which is for the device.

(Last edited by iasimov on 26 Jul 2016, 23:41)

I think I can achieve blocking those programs by using iptables and dropping bad packets

no you can't.

The discussion might have continued from here.