sapiens74 0 Posted November 12, 2002 Can I just make one up? I'm trying to use differnet IP's every now and then. Share this post Link to post
DosFreak 2 Posted November 12, 2002 ookkkaay..... Look in your driver properties settings for your NIC. Look for "Network Address" Share this post Link to post
sapiens74 0 Posted November 12, 2002 I'm trying to set it on my router. It took the one i made up. I tried 3 different ones, and they all worked, giving me differnet IP's. Will that affect anything, If i use a made up Mac address? Share this post Link to post
DosFreak 2 Posted November 12, 2002 Nah, you should be fine. Read up on MAC. Shouldn't make any difference whatsoever (as far as network communication). What are you trying to do? Bypass a MAC ban? Share this post Link to post
sapiens74 0 Posted November 12, 2002 I have roadrunner and they IP is tied to the MAC adress, so I am trying to get a new IP address every now and then. I don't feel secure with a static IP Share this post Link to post
DosFreak 2 Posted November 12, 2002 heh. Just firewall it. All major corporations have static. Dynamic IP's do not really make you more secure since it's just a simple matter of an ip scanner to find your IP again.... FreeBSD it. Share this post Link to post
clutch 1 Posted November 12, 2002 Yeah, having a dynamic IP doesn't make you anymore secure. The purpose of a MAC is for the hardware to have its own identity that's "hard-wired" into it. If you were to somehow guess another MAC that was out there, that would be the time that you might have problems. Share this post Link to post
sapiens74 0 Posted November 14, 2002 If that same MAC address was on a Roadrunner network But My question is, will it matter what I make up? I mean i can use all 0's if I like? Share this post Link to post
clutch 1 Posted November 14, 2002 Hey, it happened once to a coworker a long time ago. He would get on, and the other guy would get bounced off, and vice-versa. Finally, the ISP checked out the logs and put it together. Now, there is a major longshot of it happening, but yes it can and has happened. There are several components of the address that let it get created, but that shouldn't affect the performance of it (I have a soyo mb that lets you reflash the onboard NIC to whatever MAC you want, which is handy for some apps that are licensed against MAC addresses). So yeah, knock yourself out, but I would suggest using something less obvious as all "0"s since either RR might have that blocked (thinking it could be an error) or someone else might be using it. Share this post Link to post
dragonmaster 0 Posted December 6, 2002 there is no way to change the MAC address of your particular networking device. as these are burnt onto the PCB's when made. each networking device has a unique MAC address, as 2 identical MAC address's on the same network would cause the network to crash. There is a way to fool the MAC address and 'change' it but this is done by software. also there is no security threat with MAC address's, as if, in the highly unikely situation that someone guessed your MAC address, then they wouldn't be able to do anything unless they knew your IP address as well. however, they could do an RARP request to discover this but it would require the actual networking device to be set up to ask this. soin short there is no way to change the MAC address as they have no use on networking addressing whatsoever, unless of course you still use IPX protocals from novell. then it is only part of the address not the whole address Share this post Link to post
clutch 1 Posted December 6, 2002 That isn't entirely correct, as I have a Soyo motherboard that can have the MAC flashed to a different number, and if it isn't flashed it will only show up as all 0s. Also, this applies to the Linksys (and several other) NAT/router where you can cheange it from the defualt MAC. Now, while the latter *might* be construed as a "software trick", the former is not. The NIC is normally flashed out of the box, but can be changed by the user unlike most other NICs where you are not permitted to change the MAC after its been flashed from the factory. Share this post Link to post
dragonmaster 0 Posted December 6, 2002 Accidentally edited by me, clutch (oops) when clicking quote. Will try to get the other post restored. Share this post Link to post
DosFreak 2 Posted December 6, 2002 Since obviously you will not take our word.... http://www.der-keiler.de/Mailing-Lists/securityfocus/pen-test/2002-11/0026.html http://webpages.charter.net/klai168//Change_MAC_w2k.htm and finally. Quote: if users had the ability to change their MAC address to something else then there would end up being two of the same MAC address in the world and therefore would be impossbile to use a network which they were connected to i.e. the internet. Wrong. As far as I know there isn't a world-wide standard on MAC addresses, within the same company yes they do keep tabs but as far as I know only some companies care to standardize their MAC addresses. Changing your MAC address at home will in not cause any problems at all either on the Internet or your local ISP (depending on the configuration you may run into the problem that Clutch described, 2 NIC's with the same MAC on the switch or VLAN conflicting.). Cloning and changing the MAC address are 2 very different things. Share this post Link to post
clutch 1 Posted December 6, 2002 OK, yes it can be done, and hopefully DosFreak has shown that. Now, why would someone do that? Many reasons. First, if you are replacing a NIC in a system that has the MAC bound for a network function (DHCP reservation for instance) and rather than adjusting everything else to compensate, you can just reflash the NIC with a new MAC (just like it's done at the factory, but most of the time it's a one-shot deal). Another (and more common) reason is there are many software packages out there that bind licenses to NICs, and rather than going through many hoops to get a new license for the new NIC (which might be very difficult/impossible) you just throw in a replacement NIC with the same MAC. While there has been some rough standardization (like the vendor code and whatnot being part of the resulting MAC), it isn't what I would call "strictly enforced" and while rare, you can end up with multiples of the same MAC on the same network. In the first link that DF posted, that's an OS level solution to spoof the NIC MAC, while the ones that I mention go right to the chip and are not dependent on the OS, and will *always* show that MAC no matter what is done (unless the OS wants to spoof that one). In short, yes you can do it, yes it's at the hardware level, and yes there are many good reasons for doing it. Share this post Link to post