Nasser Heidari

2008-12-30

How to spoof a MAC address !

Filed under: freebsd,Linux,Microsoft Windows — Nasser Heidari @ 20:06

Don’t rely on MAC filtering alone, however. Please, just don’t. It’s a bad idea. People seem to think “Oh, well, sure a determined attacker can get past it, but not anyone else.” It doesn’t take much determination at all to spoof a MAC address. In fact, I’ll tell you how:

  1. “Listen” in on network traffic. Pick out the MAC address. This can be done with a plethora of freely available security tools, including Nmap.
  2. Change your MAC address.

You can spoof a MAC address when using Nmap with nothing more than a –spoof-mac command line option for Nmap itself to hide the true source of Nmap probes. If you give it a MAC address argument of “0″, it will even generate a random MAC address for you.

For more general MAC address spoofing, your MAC address is trivially reset with tools available in default installs of most operating systems. Here are some examples:

  • Linux: ifconfig eth0 hw ether 03:a0:04:d3:00:11
  • FreeBSD: ifconfig bge0 link 03:a0:04:d3:00:11
  • MS Windows: On Microsoft Windows systems, the MAC address is stored in a registry key. The location of that key varies from one MS Windows version to the next, but find that and you can just edit it yourself. There are, of course, numerous free utilities you can download to make this change for you as well (such as Macshift for MS Windows XP).
Advertisements

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: