Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Hide Network card MAC Address
- Thread starter ady2k
- Start date
You can't. MAC address is a physical network layer requirement in order for the network card to function.
Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
- Thread starter
- #3
You still can't. It's a fundamental absolute in network routing and address resolution. Ethernet/Token Ring REQUIRE the hardware identification (MAC) in order for the device to participate in the network.
Why are you doing this? Perhaps the core issue is something that could be addressed another way?
Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
Why are you doing this? Perhaps the core issue is something that could be addressed another way?
Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
- Thread starter
- #5
Someone told me. He can hide MAC Address from Linux Kernel. He didn't tell me how to do it.
I want to find out how to do it from this forum.
What I know switches can block specific MAC address. That meant the PC with that MAC address can't connect to the network.
Is it possible on Linux ?
I can say this issue is part of network security.
I want to find out how to do it from this forum.
What I know switches can block specific MAC address. That meant the PC with that MAC address can't connect to the network.
Is it possible on Linux ?
I can say this issue is part of network security.
ericbrunson
Technical User
If your network card supports it you can *change* the MAC address of your card, but as thedaver says, you CANNOT hide the MAC address. You can keep your users from seeing it with ifconfig, but they could always examine the ARP cache.
- Thread starter
- #7
ericbrunson
Technical User
Absolutely and fundamentally impossible.
In order for your machine to communicate on an ethernet segment the other machines, either computers or routers, must use ARP (Address Resolution Protocol) to request your MAC address. There's not other way.
What you're asking would be the same as telling someone to mail you a letter, but refusing to give them your street address.
If you think this is something you need to do, you're probably wrong.
Check out this HOWTO on spoofing your MAC address using Linux:
sleipnir214
Programmer
MAC spoofing, however, isn't making no MAC adress available. This is simply changing in software whhich MAC address is being used by your NIC.
If your users can't get your MAC address, neither can your network devices. If your network devices can't get your MAC address, they can't get packets to your machine. If packets can't get to your machine, there's no point in your machine's begin on the network at all -- it's not going to communicate with anything. It'll be able to send packets, but no packets will make it back.
Want the best answers? Ask the best questions!
TANSTAAFL!!
If your users can't get your MAC address, neither can your network devices. If your network devices can't get your MAC address, they can't get packets to your machine. If packets can't get to your machine, there's no point in your machine's begin on the network at all -- it's not going to communicate with anything. It'll be able to send packets, but no packets will make it back.
Want the best answers? Ask the best questions!
TANSTAAFL!!
- Thread starter
- #11
sleipnir214
Programmer
What I and a bunch of others here are telling you have have been trying to tell you is that what you want to do is, yes, not possible.
You can spoof another MAC address using software. In some versions of the Linux kernel, it's trivial. But your computer MUST make a MAC address available to the network for you computer to participate on the network. Turn off your MAC address and your computer will be completely cut off from the network. You might as well just unplug the NIC -- it'll be easier and accomplish the same thing.
The fact that you can block ping in iptables makes use of the fact that ICMP is a higher-level protocol than MAC address usage.
Want the best answers? Ask the best questions!
TANSTAAFL!!
You can spoof another MAC address using software. In some versions of the Linux kernel, it's trivial. But your computer MUST make a MAC address available to the network for you computer to participate on the network. Turn off your MAC address and your computer will be completely cut off from the network. You might as well just unplug the NIC -- it'll be easier and accomplish the same thing.
The fact that you can block ping in iptables makes use of the fact that ICMP is a higher-level protocol than MAC address usage.
Want the best answers? Ask the best questions!
TANSTAAFL!!
- Thread starter
- #14
sleipnir214,"You can spoof another MAC address using software. In some versions of the Linux kernel, it's trivial".
What software can I use it ? Which version of linux kernel ?
I am using RH 9 with kernel 2.4.20-8 and kernel 2.6.5
Thanks a lot for all the answer.
What software can I use it ? Which version of linux kernel ?
I am using RH 9 with kernel 2.4.20-8 and kernel 2.6.5
Thanks a lot for all the answer.
ady2k
Stop being bull-headed bro! All you can do with the MAC address is change it. You can do that with 'ifconfig'.
Your MAC has to be public, it cannot be blocked or hidden, and there's nothing more to say. I cannot believe this thread has grown this large.
YOU STILL haven't given any background that talks about why/what you are trying to accomplish. Why are you so paranoid about hiding your MAC address? Geez, even the blackhat websites and IRC's don't hide their MAC. They can't do it either!
Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
Stop being bull-headed bro! All you can do with the MAC address is change it. You can do that with 'ifconfig'.
Your MAC has to be public, it cannot be blocked or hidden, and there's nothing more to say. I cannot believe this thread has grown this large.
YOU STILL haven't given any background that talks about why/what you are trying to accomplish. Why are you so paranoid about hiding your MAC address? Geez, even the blackhat websites and IRC's don't hide their MAC. They can't do it either!
Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
- Thread starter
- #16
After googling:
Understand this
Do this:
I'm not sure how this thread got on the topic of kernel recompiles to accomodate this functionality....
Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
Understand this
Do this:
I'm not sure how this thread got on the topic of kernel recompiles to accomodate this functionality....
Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
- Thread starter
- #18
- Thread starter
- #19
- Status
Similar threads
- Locked
- Question