|
-
April 23rd, 2002, 06:37 PM
#11
linuxcomando> Thats what is nice about the ifconfig command. If you screw it up, just reboot your computer. It will return to its original address.
\"Ignorance is bliss....
but only for your enemy\"
-- souleman
-
April 23rd, 2002, 06:41 PM
#12
In therory,
If you were running a wireless network and the "allowed" connections were defined by mac address all you would have to do is packet sniff the network and the mac address should be on the packet......then you can chang your mac address......this is of course is dependent on a couple things.....but it might be fun to try on your own network......
-
April 23rd, 2002, 11:28 PM
#13
Changing the card's mac address (temporarily) in software is generally trivial.
There are few legitimate reasons why you'd want to do this; I can't think of one.
It is nevertheless necessary to be aware that this can be done. Many institutions with public access computers use secure switches to prevent unauthorised devices from being connected to their LAN. This is naive, as by assuming the MAC address of an authorised device (which is generally trivially obtained as they can see broadcasts anyway), an attacker can bypass such security.
Even if the MAC address of the card could *not* be changed, an attacker capable of using
promiscuous mode to recieved packets and spoofing the MAC on outgoing packets could still create the same effect. (Spoofing may be the wrong
Therefore, "secure" switches are not secure (although they can legitimately be used to prevent random kiddies plugging their laptops in to download warez and such like.)
-
April 23rd, 2002, 11:53 PM
#14
How about authenticated VLANS on switches? It takes a client and runs through either LDAP or Radius.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
-
April 29th, 2002, 06:30 PM
#15
Junior Member
Hmmm, Slarty, I see your point but i don't fully agree.
If you secure every access point on the network (let say by mac address, just for the sake of argument), it would be fairly difficult to sniff the different MAC addresses (since you have to get connected first). Then even if you manage to get connected (wich you should'nt unless you had a verry good guess), you can start sniffing. But still it will be verry hard to link a sniffed mac address to a fysical access point on the network. Because how will you determine where the sniffed packet physically originates from ? At least i don't see how you could do it (hmm will have to think about this one).
Then again securing networks by the use of user defined mac addresses isn't really interesting (at least not on large networks). Just to keep the tables up to date could be a full-time job :-) I just wonder how many security admins actually have implemented this.
<--- The data went dataway --->
-
April 29th, 2002, 10:48 PM
#16
service_pack:
Consider this scenario:
- You connect a machine to the network which uses secure switches
- The secure switches don't allow it to send any packets because they come from a non-recognised MAC
- The machine can still see broadcasts though?
So you can sniff the broadcast packets coming from *another* machine on another secure switch port (or the same one) and then steal *its* port and MAC address?
Failing that, connect an authorised box via a crossover to a laptop, and watch for packets as it boots, grab the MAC address.
Unless the authorised boxes are physically absent, their MAC address can be compromised. Some cards have it written on the back.
-
May 1st, 2002, 06:46 PM
#17
-
May 1st, 2002, 06:48 PM
#18
-
May 1st, 2002, 06:54 PM
#19
-
May 1st, 2002, 06:56 PM
#20
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
