Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Andrzejek on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Hide Network card MAC Address

Status
Not open for further replies.

ady2k

Vendor
Jan 28, 2002
463
ID
I would like to hide Network card MAC Address on Linux Server.How could I do it?
Thanks



 
I meant to block users to detect Network card MAC Address.


 
You still can't. It's a fundamental absolute in network routing and address resolution. Ethernet/Token Ring REQUIRE the hardware identification (MAC) in order for the device to participate in the network.

Why are you doing this? Perhaps the core issue is something that could be addressed another way?

Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
 
Someone told me. He can hide MAC Address from Linux Kernel. He didn't tell me how to do it.
I want to find out how to do it from this forum.
What I know switches can block specific MAC address. That meant the PC with that MAC address can't connect to the network.
Is it possible on Linux ?
I can say this issue is part of network security.


 
If your network card supports it you can *change* the MAC address of your card, but as thedaver says, you CANNOT hide the MAC address. You can keep your users from seeing it with ifconfig, but they could always examine the ARP cache.

 
I wanna to block another users to know/check my network card MAC address.Sure, I still can see my network card MAC address using ifconfig.
But another users connected to my Linux server. They can't check my network card MAC Address.
 

Absolutely and fundamentally impossible.

In order for your machine to communicate on an ethernet segment the other machines, either computers or routers, must use ARP (Address Resolution Protocol) to request your MAC address. There's not other way.

What you're asking would be the same as telling someone to mail you a letter, but refusing to give them your street address.

If you think this is something you need to do, you're probably wrong.
 
MAC spoofing, however, isn't making no MAC adress available. This is simply changing in software whhich MAC address is being used by your NIC.


If your users can't get your MAC address, neither can your network devices. If your network devices can't get your MAC address, they can't get packets to your machine. If packets can't get to your machine, there's no point in your machine's begin on the network at all -- it's not going to communicate with anything. It'll be able to send packets, but no packets will make it back.



Want the best answers? Ask the best questions!

TANSTAAFL!!
 
Ok,Example : If I blocked ICMP_echo using iptables rule. That other users can't ping my Linux server.But they can connect my linux server. Can I threat MAC Address like that?
Is it possible ?
Maybe I asked something wasn't possible.
Thanks


 
Also note, that if you're going accross a layer 3 boundary, the MAC address will be that of the router, and not the address of the server you're accessing..


BuckWeet
 
What I and a bunch of others here are telling you have have been trying to tell you is that what you want to do is, yes, not possible.

You can spoof another MAC address using software. In some versions of the Linux kernel, it's trivial. But your computer MUST make a MAC address available to the network for you computer to participate on the network. Turn off your MAC address and your computer will be completely cut off from the network. You might as well just unplug the NIC -- it'll be easier and accomplish the same thing.


The fact that you can block ping in iptables makes use of the fact that ICMP is a higher-level protocol than MAC address usage.



Want the best answers? Ask the best questions!

TANSTAAFL!!
 
sleipnir214,"You can spoof another MAC address using software. In some versions of the Linux kernel, it's trivial".

What software can I use it ? Which version of linux kernel ?
I am using RH 9 with kernel 2.4.20-8 and kernel 2.6.5

Thanks a lot for all the answer.
 
ady2k

Stop being bull-headed bro! All you can do with the MAC address is change it. You can do that with 'ifconfig'.

Your MAC has to be public, it cannot be blocked or hidden, and there's nothing more to say. I cannot believe this thread has grown this large.

YOU STILL haven't given any background that talks about why/what you are trying to accomplish. Why are you so paranoid about hiding your MAC address? Geez, even the blackhat websites and IRC's don't hide their MAC. They can't do it either!



Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
 
Because interesting and challenging topic.I understood and wasn't possible to block MAC Address.Just can change MAC Address.
Can Anyone provide detail steps after # make mrproper step to patch kernel 2.6.5 to kernel 2.6.6 ?
Thanks a lot.
 
Patching kernel 2.6.5 to kernel 2.6.6 wasn't related with this interesting thread. Because I have posted another about patch kernel 2.6.5.
And I can't get the exactly answer from there.


 
Thanks for all the answer. I have solved the patching kernel 2.6.5 to kernel 2.6.6 myself.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top