Internet, Networking, & Security Antivirus 83 83 people found this article helpful 4 Secrets Wireless Hackers Don't Want You to Know What can a hacker do with a MAC address? By Andy O'Donnell Writer Andy O'Donnell, MA, is a former freelance contributor to Lifewire and a senior security engineer who is active in internet and network security. our editorial process Andy O'Donnell Updated February 16, 2020 Westend61 / Getty Images Antivirus Browsers Cloud Services Error Messages Family Tech Home Networking 5G Antivirus VPN Web Development Around the Web View More Tweet Share Email You're using a wireless access point that has encryption, so you're safe, right? Wrong. Hackers want you to believe that you are protected so that you will remain vulnerable to their attacks. Here are four things that wireless hackers hope you won't find out. WEP Encryption Is Useless for Protecting Your Wireless Network WEP is easily cracked within minutes and only provides users with a false sense of security. Even a mediocre hacker can defeat Wired Equivalent Privacy (WEP)-based security in a matter of minutes, making it virtually useless as a protection mechanism. Many people set their wireless routers up years ago and have never bothered to change their wireless encryption from WEP to the newer and stronger WPA2 security. Updating your router to WPA2 is a reasonably straightforward process. Visit your wireless router manufacturer's website for instructions. MAC Filters Are Ineffective and Easily Defeated Whether it's a computer, game system, printer, or another device, every piece of IP-based hardware has a unique hard-coded MAC address in its network interface. Many routers allow you to permit or deny network access based on a device's MAC address. The wireless router inspects the MAC address of the network device requesting access and compares it to your list of permitted or denied MACs. It sounds like an excellent security mechanism, but the problem is that hackers can "spoof" or forge a fake MAC address that matches an approved one. All they need to do is use a wireless packet capture program to sniff (eavesdrop) on the wireless traffic and see which MAC addresses are traversing the network. They can then set their MAC address to match one of that is allowed and join the network. Disabling Your Remote Administration Feature Works Many wireless routers have a setting that allows you to administer the router via a wireless connection. You can access all of the routers security settings and other features without having to be on a computer that is plugged into the router using an Ethernet cable. While this is convenient for being able to administer the router remotely, it also provides another point of entry for the hacker to get to your security settings and change them to something a little more hacker-friendly. Many people never change the factory default admin passwords to their wireless router, which makes things even easier for the hacker. We recommend turning the "allow admin via wireless" feature off so only someone with a physical connection to the network can attempt to administer the wireless router settings. Public Hotspots Make You a Target Hackers can use tools like Firesheep and AirJack to perform "man-in-the-middle" attacks. They insert themselves into the wireless conversation between the sender and receiver. Once they have successfully added themselves into the line of communications, they can harvest your account passwords, read your email, view your IMs, etc. They can even use tools such as SSL Strip to obtain passwords for secure websites that you visit. We recommend using a commercial VPN service provider to protect all of your traffic when you are using wi-fi networks. A secure VPN provides an additional layer of security that is extremely difficult to defeat. You can even connect to a VPN on a smartphone to avoid being in the bull's eye. Unless the hacker is exceptionally determined, they will most likely move on and try an easier target.