MAC Address
Every 802.x network card (wireless, ethernet, token ring) has a unique 48 bit identifier known as a MAC address. This address is burned into the EEPROM on the card, and oftentimes is used by networking equipment to track users as they come and go, frequently associating MAC address to hotel or dorm room #, credit card number, login info, etc. This means hopping on a network that has authenticated your hardware before and expecting to be anonymous this time around is pure idiocy.
In fact, even most consumer wireless gear will record the MAC addresses of all computers that have ever issued DHCP requests to them, and these logs usually cannot be purged, even by the owner! When you combine this with the fact that most Cable/DSL service providers will also record your MAC address and bind it to your billing information, and the fact that some of them don't even seem to wait for a court order to turn your info over, it becomes apparent that your MAC address essentially is your name. This isn't even counting the possibility of databases maintained by the major laptop manufactures.
One particularly useful hack I have discovered is that if you change your MAC address, cable and DSL providers typically will give you a new IP address via DHCP. This can be useful if you are a heavy user of P2P networks, since changing your IP regularly can help keep you off the RIAA/MPAA's "big fish" watchlists, since without access to the ISPs internal databases they will be unable to correlate your identity across IP address changes. That is, unless you keep the same "nickname" in whatever P2P app you use...
Thus, changing your MAC address is highly desirable for a number of reasons. However, note that you really only have to concern yourself with your MAC address if you do not wish the local network administrator to be able to identify you. MAC addresses do not cross router boundaries, so anything outside of your LAN will never see it. If your adversary is not internal to the LAN or cannot trace your FIXME IP address back to the LAN, don't worry about your MAC.
Here are the commands to change your MAC for the three major platforms::
1- Linux
In Linux, you just need to issue two commands, and then re-run dhcp or reconfigure the interface. This works for both wired and wireless cards.
[root@machine ~/dir]# ifconfig eth0 down
[root@machine ~/dir]# ifconfig eth0 hw ether de:ad:be:ef:f0:0d
[root@machine ~/dir]# ifconfig eth0 up
You can also use the tool 'macchanger' which is available in most of the repositories. It also allows you to set a random mac address.
[root@machine ~/dir]# ifconfig eth0 down
[root@machine ~/dir]# macchanger -r eth0
[root@machine ~/dir]# ifconfig eth0 up
Use --help to view many more options available.
2- Windows
Under Windows, however, things are a bit more involved.. There are a few ways to do it. One involves wading through your registry, and will not be discussed here. If you're lucky, you might be able to do it right from control panel. If this is not an option, you can try this ntsecurity.nu utility or this utility.
3- Mac OS
In Mac OS, for some reason it is easy to change the MAC address of your wired interface. One of the following two commands should work:
[user@machine ~/dir]$ sudo ifconfig en0 ether aa:bb:cc:dd:ee:ff
[user@machine ~/dir]$ sudo ifconfig en0 lladdr 00:01:02:03:04:05
However, to change the MAC of a wireless interface, you will need to patch your kernel, and then recompile it.
Some OS X users have informed me that USB wireless adapters often allow you to change the MAC address via the command line just like a wired interface. The one most commonly mentioned is the Belkin F5D7050.
I should also note that many routers will allow you to clone or specify a MAC address from their web interface...
0 comments:
Post a Comment