You are not logged in.
Are there?:)
Netbook (Acer Aspire One 110 || 160gb SATA HD || 1.5gb ram): archlinux i686 / KDEmod 4.3
Registered Linux User # 481212 / Machine Registration # 390468
"In a world without walls and fences, who needs windows and gates?"
Offline
get a new computer, because the mac address is built into hardware. It identifies the hardware you could say.
Check me out on twitter!!! twitter.com/The_Ringmaster
Offline
macchanger can spoof the mac, you could write a shell script the executes at bootup to change the MAC.
Offline
hi, i have a file called change_mac with the following content in /etc/rc.d and start in on boot by placing change_mac in the daemons-array in rc.conf. you just need to adjust XX:XX:XX:XX:XX:XX by the mac-address you want to have and change the device of course. this script basically just calls macchanger als already suggested.
#!/bin/bash
start()
{
echo "Changing MAC ..."
/usr/bin/macchanger --mac=XX:XX:XX:XX:XX:XX ethX
}
stop()
{
echo "Macchanger stops"
}
case "$1" in
start)
start
;;
stop)
stop
;;
*)
echo "Use $0 [start] to change the MAC!"
;;
esac
exit 0
hope this helps,
bernhard
Last edited by dw (2009-01-11 16:23:12)
Offline
ifconfig eth0 hw ether 00:01:02:03:04:05
I guess it won't be permanent
Offline
ifconfig eth0 hw ether 00:01:02:03:04:05
I guess it won't be permanent
But if it is stared on system startup, what doesn't make it permanent ?
The day Microsoft makes a product that doesn't suck, is the day they make a vacuum cleaner.
--------------------------------------------------------------------------------------------------------------
But if they tell you that I've lost my mind, maybe it's not gone just a little hard to find...
Offline
ifconfig eth0 hw ether 00:01:02:03:04:05
Is there any way for another computer to get the real mac address or determine that this is fake once this has been set?
My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone
Offline
initbox wrote:ifconfig eth0 hw ether 00:01:02:03:04:05
Is there any way for another computer to get the real mac address or determine that this is fake once this has been set?
No.
:?
Offline
initbox wrote:ifconfig eth0 hw ether 00:01:02:03:04:05
Is there any way for another computer to get the real mac address or determine that this is fake once this has been set?
No, mac address's were not developed for security purposes. However, for the truly paranoid, all major manufacturers follow their own numbering system, so it could be determined that a made up mac address was not a "real" one.
Offline
I tried to find it by searching, but failed... how can I reset the true mac address without rebooting (or just get the true mac address)?
*edit*
No, mac address's were not developed for security purposes. However, for the truly paranoid, all major manufacturers follow their own numbering system, so it could be determined that a made up mac address was not a "real" one.
That wasn't a completely paranoid question. I also immediately thought of using nmap to get mac addresses in order to bypass mac filters on networks (I always though spoofing mac addresses was harder than this).
Btw, do you know a way to hide the network card vendor?
*edit 2*
What's the best way to change the mac address at boot before the network goes up on Arch? A line in /etc/rc.local?
Last edited by Xyne (2009-01-12 01:53:04)
My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone
Offline
how can I reset the true mac address without rebooting (or just get the true mac address)?
ifconfig gives the mac address (hardware address). Once changed, I don't know of a way to see what it was.
Btw, do you know a way to hide the network card vendor?
Offline
Thanks for the replies, xaiviax.
My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone
Offline
Wow! This has evolved since my last post...
I do change my MAC address with this command:
ifconfig wlan0 down hw ether xx:xx:xx:xx:xx:xx
ifconfig wlan0 up
Just the same as what has posted...This temporarily changes my MAC and resets to default after reboot...But I can just enter my default MAC again without the needs of restarting and its fine...
I have macchanger and kismet...I'm confused what to use on the "source:" part of my "kismet.conf"...I'm using an atheros b/g...I need some help...:)
Thanks...
Last edited by kaola_linux (2009-01-12 02:57:13)
Netbook (Acer Aspire One 110 || 160gb SATA HD || 1.5gb ram): archlinux i686 / KDEmod 4.3
Registered Linux User # 481212 / Machine Registration # 390468
"In a world without walls and fences, who needs windows and gates?"
Offline
I have macchanger and kismet...I'm confused what to use on the "source:" part of my "kismet.conf"...I'm using an atheros b/g...I need some help...:)
Thanks...
I use : source=iwl3945,wlan0,wlan0 so substitute accordingly to your system
Offline
Here is what I got by issuing lspci on my wireless device:
03:00.0 Ethernet controller: Atheros Communications Inc. AR242x 802.11abg Wireless PCI Express Adapter (rev 01)
How do I determine it?:)
Netbook (Acer Aspire One 110 || 160gb SATA HD || 1.5gb ram): archlinux i686 / KDEmod 4.3
Registered Linux User # 481212 / Machine Registration # 390468
"In a world without walls and fences, who needs windows and gates?"
Offline
How do I determine it?:)
ifconfig | grep HWaddr
To know your mac address change..
Offline
No, I mean to determine on what should be used on the "source:" part of "kismet.conf" But thanks that's informative...:)
Last edited by kaola_linux (2009-01-12 03:51:56)
Netbook (Acer Aspire One 110 || 160gb SATA HD || 1.5gb ram): archlinux i686 / KDEmod 4.3
Registered Linux User # 481212 / Machine Registration # 390468
"In a world without walls and fences, who needs windows and gates?"
Offline
You can also use the following
sudo macchanger -A wlan0
basically you can see macchanger options
through
macchanger --help
Offline
No, I mean to determine on what should be used on the "source:" part of "kismet.conf" But thanks that's informative...:)
lsmod
Offline
I tried to find it by searching, but failed... how can I reset the true mac address without rebooting (or just get the true mac address)?
*edit*
xaiviax wrote:No, mac address's were not developed for security purposes. However, for the truly paranoid, all major manufacturers follow their own numbering system, so it could be determined that a made up mac address was not a "real" one.
That wasn't a completely paranoid question. I also immediately thought of using nmap to get mac addresses in order to bypass mac filters on networks (I always though spoofing mac addresses was harder than this).
Btw, do you know a way to hide the network card vendor?
*edit 2*
What's the best way to change the mac address at boot before the network goes up on Arch? A line in /etc/rc.local?
Do something like:
eth0mac="eth0 hw ether 00:01:02:03..."
eth0="eth0 192.168.0.1 netmask 255.255.255.0"
INTERFACES=(eth0mac eth0)
:?
Offline
I've rebooted and my "fake" mac address is still listed by ifconfig. I don't remember changing any files and grepping for the new address in /etc/* and ~/* yields nothing.
I'll try setting it to something else and see what happens.
My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone
Offline
There is no macchanger package in AUR right
The current macchanger cant be compiled as makepkg -s as it doesnt have a PKGBuilt file inside that tarball...
Offline
There is no macchanger package in AUR right
The current macchanger cant be compiled as makepkg -s as it doesnt have a PKGBuilt file inside that tarball...
Why would you need that macchanger script anyway? It's just a wrapper for a single ifconfig command, and you can perfectly change an interface's NIC via rc.conf.
:?
Offline
when i was still using netcfg2, i was doing the following to get a randomized, manufacturer-valid mac address every time i connected an access point:
in each network profile:
PRE_UP='. $SUBR_DIR/spoof.subr; ifconfig $INTERFACE down; ifconfig $INTERFACE hw ether $(generate_random_mac)'
the 'ifconfig $INTERFACE down' is necessary for my card, annoying belkin-made rtl8185 pcmcia card.
/usr/lib/network/spoof.subr:
#!/bin/bash
SPOOF_DIR=$SUBR_DIR"spoof/"
SPOOF_VEND_FILE="stefan-maclist.txt"
generate_random_mac() {
echo $(${SPOOF_DIR}/fakeap.pl --vendors ${SPOOF_DIR}${SPOOF_VEND_FILE})
}
the following is extracted from Black Alchemy Weapons Lab's fakeap.pl
/usr/lib/network/spoof.pl
#!/usr/bin/perl
use strict;
use warnings;
use Getopt::Long;
use Time::HiRes;
use vars
qw( $vendors_opt $wep_opt );
my @vendors = ( "00:00:0C:", "00:00:CE:", "00:00:EF:" );
# load_vendors
#
# args: none
# rets: none
#
# Loads vendor mac prefix file into @vendors
sub load_vendors {
@vendors = ();
open( my $FH, "<$vendors_opt" ) or die "Could not open $vendors_opt: $!\n";
while ( my $line = <$FH> ) {
chomp $line;
$line =~ /^(\w\w:\w\w:\w\w)/;
push @vendors, "$1:";
}
close $FH;
return;
}
# gen_mac
#
# args: none
# rets: none
#
# Returns a random MAC address with first three octets from @vendors
# last three random.
sub gen_mac {
return sprintf(
"%s%02X:%02X:%02X",
$vendors[ int( rand $#vendors ) ],
int( rand 256 ),
int( rand 256 ),
int( rand 256 )
);
}
################################################################
#
# Main
#
GetOptions(
"vendors=s" => \$vendors_opt
);
load_vendors() if $vendors_opt;
my $mac = gen_mac();
print( $mac );
i know of two sources for a list of valid manufacturer mac address triples. stefan-maclist.txt comes with fakeap.pl. a much more comprehensive list is the file 'manuf' in the root directory of the wireshark source, but it needs some editing before it will work with the fakeap.pl code snippet.
one thing this doesn't do is avoid using your actual mac address.
Last edited by kludge (2009-01-14 02:16:54)
[23:00:16] dr_kludge | i want to invent an olfactory human-computer interface, integrate it into the web standards, then produce my own forked browser.
[23:00:32] dr_kludge | can you guess what i'd call it?
[23:01:16] dr_kludge | nosilla.
[23:01:32] dr_kludge | i really should be going to bed. i'm giggling madly about that.
Offline
Just started to use this script, simple and ?effective?.
#!/bin/bash
MAC=`dd if=/dev/urandom bs=3 count=1 status=noxfer 2>/dev/null | od -t x1 | sed -e "s/^0* //;s/ /:/g;q"`
ifconfig wlan0 down hw ether 00:13:$MAC
ifconfig wlan0 up
00:13 is ?vendor? ID, I think. And I cant change that.
I'm trying to exec this at startup... tried xinitrc, it wont work, X cant start.
Anyone got idea?
P.S.
ifconfig says that MAC has changed, but look at this.
MAC (00:13:E8:D3:B6:93)
This is the output from aireplay-ng.
That what it says is old MAC.
Why ifconfig and aireplay-ng have diffirent outputs? Should not aireplay also read faked MAC?
Last edited by ammon (2009-01-16 01:39:02)
Offline