7 replies to this topic

[Absolute Zero]

Hello, everyone, I hope you can help

There's this network I'm aware of that I would like to use. It has WPA security. Not a problem. A custom IP scheme. Also not a problem. But according to an inside source (I haven't actually checked it out) One has to apply their own MAC address in order to use the network. Can this even be done in Windows 7 or Ubuntu? I've never heard of it. If so, how do I apply a valid MAC address that will work on the network? I know the first half of a MAC has to do with the hardware Vendor, but I don't know how to find the right one, or assign the second half. Any help would be much appreciated. Thanks.

[wwwd40]

MAC addresses are the layer 2 addresses used by the NIC and are used for local area network communication where routing isnt ocurring (i.e. switching). Its possible on most wireless kit, and some wired switches, to employ an access list of MAC addresses that are permitted to use the port - cisco and extreme call it port security and can also encompass limiting the amount of MACs that can be learned on a port or handling certain MACs in different ways.

It sounds to me that the wireless network in question emplopys a list of valid MAC addresses that are allowed to associate with the wireless network. So to associate you will need your NIC to have a valid MAC from the wireless MAC list point of view. To find a valid MAC, you could try every combination of MAC addresses until one works, or promiscuously sniff the air and find clients with valid MACs that are associated with the AP. Something like tcpdump, wireshark or kismet will help.

With regard to actually changing your MAC, this is easily done in Ubuntu using ifconfig (example ifconfig eth0 hw ether 00:DE:AD:BE:EF:00) or another program such as macchanger. Not sure on Win 7 as I have no experience with it but I am sure there is an equivilent (macshift?).

Cheers,

WD

EDIT removed quote

Edited by wwwd40, 07 June 2011 - 04:38 AM.

[tekio]

If you can bypass WPA with ease, you should have no trouble circumventing MAC address filtering. You'll just need to sniff, find a valid MAC, and either wait till it's off the network, or DOS it... If you go on with a duplicated MAC, most likely it will receive all your traffic because the other hosts already have it in their ARP cache.

[serrath]

This belongs in the beginner's section, and I'm a little worried about the legality of this.

[_ThEcRoW]

Hello guys, a little bit offtopic, but in order to changing the mac(assuming you can do that on your hardware), you need to apply a valid number, i mean, a real number?. I'm aware that the mac address need to be in the router acl list for it, but i'm referring in general, when changing a mac on a network card, does it need to be a valid (real) mac address?.
Thanks in advance and hope you understand what i tried to ask, because english is not my main language.
Cheers!

[wwwd40]

It doesnt need to be a real MAC address, just of the right format (length, hex characters).

I normally use 00:DE:AD:BE:EF:00 as its easy to spot in my lab outputs.

Hello guys, a little bit offtopic, but in order to changing the mac(assuming you can do that on your hardware), you need to apply a valid number, i mean, a real number?. I'm aware that the mac address need to be in the router acl list for it, but i'm referring in general, when changing a mac on a network card, does it need to be a valid (real) mac address?.
Thanks in advance and hope you understand what i tried to ask, because english is not my main language.
Cheers!

[serrath]

It doesnt need to be a real MAC address, just of the right format (length, hex characters).

I normally use 00:DE:AD:BE:EF:00 as its easy to spot in my lab outputs.

Hello guys, a little bit offtopic, but in order to changing the mac(assuming you can do that on your hardware), you need to apply a valid number, i mean, a real number?. I'm aware that the mac address need to be in the router acl list for it, but i'm referring in general, when changing a mac on a network card, does it need to be a valid (real) mac address?.
Thanks in advance and hope you understand what i tried to ask, because english is not my main language.
Cheers!

If the number formed by the first two hexdigits is odd you sometimes run into issues. Keep it even.

Edited by serrath, 20 June 2011 - 06:04 PM.

[wwwd40]

I think that multicast MAC addresses always start 01 http://en.wikipedia....ayer_2_delivery

It doesnt need to be a real MAC address, just of the right format (length, hex characters).

I normally use 00:DE:AD:BE:EF:00 as its easy to spot in my lab outputs.

Hello guys, a little bit offtopic, but in order to changing the mac(assuming you can do that on your hardware), you need to apply a valid number, i mean, a real number?. I'm aware that the mac address need to be in the router acl list for it, but i'm referring in general, when changing a mac on a network card, does it need to be a valid (real) mac address?.
Thanks in advance and hope you understand what i tried to ask, because english is not my main language.
Cheers!

If the number formed by the first two hexdigits is odd you sometimes run into issues. Keep it even.