Can mac addresses be spoofed?
In normal network cards, yes.
But its really hard to do so with a wireless card because
access to this level of control is protected by federal regulation. (They can't let you tinker with the radio or all hell would break loose).
But even if hackers could change it, they would have no way of knowing which mac addresses are in your Mac Address list.
(Mac addresses are fuzzy addresses like 00-D0-B7-1D-F2-EB hard wired into the network card, and globally unique.)
I'm sure that will stop the blackhats. Why did'nt I think of that.
How true. Federal regulation has always stopped the dedicated criminal from committing crimes. (Not)
(They can't let you tinker with the radio or all hell would break loose).
You mean like those CB'ers using illegal 2000 watt linear amplifiers or those illegal pirate radio stations? Just to mention a couple of well known instances.
(I'm not trying to make fun of you or be sarcastic toward you. Just trying to make a point. Laws have never stopped criminal activity.)
Hate to tell you...
MAC addresses can be set manually on certain types of NIC cards (for obvious reasons I won't say which ones) and I discovered this quite accidently when I bought a few NICs for some boxes at the office and they all had the same MAC address. RTFM. Sure enough, they came with instructions on how to select and set a MAC address.
Regardless, it's just an OSI protocol that is terribly easy to spoof. Spoofing a WLAN card is really easy since it's done with an emulator and does not have to be hardcoded. You can even 'scan' a network for vulnerable MAC addresses the same way you can scan for open IP addresses on a network.
MAC address security along with 128bit WEP keys and a nice, tight, algorithmic hash security method are your best bet for keeping a network secure.
Even then, it's all for naught if you share security info with the wrong people - or even the right people who happen to be stupid.
The smartest security people do not allow WLAN despite the 'convenience'.