Posts

Showing posts with the label Randomization

Randomized MAC addresses in 802.11 Probe Frames

Image
To address perceived privacy issues, some wireless clients adopt a randomized MAC address in probe frames when probing  for wireless networks. In this post  I take a quick look at how you might see clients using randomized MAC addresses. 
Background When a wireless LAN client needs to find a nearby access point to join a Wi-Fi network, it has two choices:
Passive scanning: a client will listen to beacon frames, broadcast by nearby access points, that advertise networks that it makes available. This can be quite a slow process, as a client cycles though channels and waits to hear beacons.Active scanning: a client will cycle through channels and send out probe frames to proactively query nearby APs for a specific wireless network (SSID). This will generally be a faster method of finding networks that the client is configured to join, and may be used by all clients in conjunction with passive scanning.
One (unfortunate) side-effect of active scanning is that a client advertises its presenc…