Shulou(Shulou.com)06/01 Report--

This article mainly introduces the example analysis of MAC address deception in Linux, which is very detailed and has a certain reference value. Interested friends must read it!

MAC address spoofing (or MAC address embezzlement) is usually used to break through local area network access control based on MAC addresses, for example, by limiting the forwarding of only the source MAC address on the switch to a MAC address that exists in the access list, and the modification is dynamic and easy to recover.

Why are you playing MAC address spoofing?

You want a reason? Here are a few more technical reasons. Some network providers will verify your identity by binding the MAC address on your router. What will you do if your router breaks down? You can temporarily change the MAC address of your computer to the MAC address of your router and let your ISP reconnect you to the external network. Is there such a thing? )

Many DHCP servers rely on MAC addresses to assign IP addresses. If you want to change the IP address assigned to you, you can change your MAC address. In this way, you don't have to wait for the DHCP server to assign you a new IP address, but you can get a new one right away.

In addition to technical reasons, there are some good reasons why you need to change your MAC address: for privacy and security, you need to hide your real MAC address. Unlike the IP address at layer 3 of the ISO model, your MAC address will not change. Before you say I'm paranoid, please make sure you know what your privacy is. There is an intrusion method called piggybacking, and the hacker will pretend to be your MAC address under the public WiFi network and act as your identity in your absence.

How to change the MAC address temporarily?

You can change the MAC address while Linux is running. It is important to note that when the MAC address translation time, your network will be offline. When the computer restarts, the MAC address will change back to its original address. Here are several ways to change your MAC address.

Method 1: iproute2 method 1: iproute2 $sudo ip link set dev eth0 down$ sudo ip link set dev eth0 address 0000 sudo ip link set dev eth0 up method 2: macchanger

The macchanger command allows you to change your MAC address to the serial number of different manufacturers.

Install macchanger under Debian,Ubuntu or Linux Mint:

$sudo apt-get install macchanger

Install macchanger under Fedora:

$sudo yum install macchanger

Install macchanger under CentOS or RHEL:

$wget http://ftp.club.cc.cmu.edu/pub/gnu/macchanger/macchanger-1.6.0.tar.gz$ tar xvfvz macchanger-1.6.0.tar.gz$ cd macchanger-1.6.0 $. / configure$ make$ sudo make install

Here are some examples of advanced use of macchanger. You no longer need to disable and enable your network card manually with macchanger.

Just change the MAC address:

$sudo macchanger-mac=00:00:00:00:00:01 eth0

Set a random address for MAC while ensuring OUI consistency:

$sudo macchanger-e eth0

Set a completely random address for MAC:

$sudo macchanger-r eth0

Get the MAC addresses of all network cards, and then list only the specified vendors (such as Juniper):

$macchanger-l | MAC address on grep-I juniperLinux spoofing MAC address on Linux spoofing

Displays the original MAC address and camouflaged MAC address of a network card:

$macchanger-s eth0Current MAC: 56:95:ac:ee:6e:77 (unknown) Permanent MAC: 00:0c:29:97:68:02 (Vmware, Inc.)

How to change the MAC address permanently?

If you want to keep the camouflage MAC address after the system reboot, you need to edit the configuration file. For example, if you want to change the MAC address of eth0, do the following:

Under Fedora,CentOS or RHEL:

$sudo vi / etc/sysconfig/network-scripts/ifcfg-eth0DEVICE=eth0MACADDR=00:00:00:00:00:0

Or you can create a boot script in the / etc/NetworkManager/dispatcher.d directory, as long as you use NetworkManager to manage your network. Let's assume that you have installed macchanger, and the script reads as follows:

$sudo vi / etcUnix NetworkManagerAccording to etc/NetworkManager/dispatcher.d/000-changemac 2000 change emactants macchanger macchanger-- mac=00:00:00:00:00:01 "$1"; esac$ sudo chmod 755 / etc/NetworkManager/dispatcher.d/000-changemac

Under Debian,Ubuntu or Linux Mint:

Create a new boot script and put it in the / etc/network/if-up.d/ directory:

$sudo vi / etcUniverse networkplash if copyright up.dqqqchangemacacty.changemacorp; then ip link set dev "$IFACE" address 001fi01fi01fi$ sudo chmod 755 / etc/network/if-up.d/changemac

The above is all the contents of the article "example Analysis of MAC address spoofing in Linux". Thank you for reading! Hope to share the content to help you, more related knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.