Vulnerability Development mailing list archives
Re: spoofing the ethernet address
From: BGrubin () SCIENT COM (Ben Grubin)
Date: Wed, 1 Mar 2000 12:14:28 -0600
Trivial, actually. Most cards allow programmable MAC addressing, so changing them around is usually easy. Of course, since the source MAC is only visible on the directly attached segment, this is only useful if you are doing "bad things" on the segment your machine physically resides on. Once you hit a routing device, it's IP only. Since the MAC address is programmable, and typically not tracked, it can't be used as a reliable forensic data source. Cheers, Ben
-----Original Message----- From: Bobby, Paul [mailto:paul.bobby () LMCO COM] Sent: Tuesday, February 29, 2000 1:58 PM To: VULN-DEV () SECURITYFOCUS COM Subject: spoofing the ethernet address Been playing with hping, and I imagine other IP spoofing tools generate the same types of packets. The spoofed packet contains a bogus IP address, yes. However the ethernet address (MAC) is the address of the sending machine. Is it possible to spoof this address also? Would someone have to write a custom ethernet driver? Paul Bobby ----------------- <dream> Got Root? </dream>
Current thread:
- Re: spoofing the ethernet address Sen_Ml Sen_Ml (Mar 01)
- Re: spoofing the ethernet address yeti (Mar 02)
- <Possible follow-ups>
- Re: spoofing the ethernet address Mikael Olsson (Mar 01)
- Re: spoofing the ethernet address Carl-Johan Bostorp (Mar 01)
- Re: spoofing the ethernet address Simple Nomad (Mar 01)
- Re: spoofing the ethernet address Vitek, Ian (Mar 01)
- Re: spoofing the ethernet address Granquist, Lamont (Mar 01)
- Re: spoofing the ethernet address Mudge (Mar 01)
- Re: spoofing the ethernet address Dug Song (Mar 02)
- Re: spoofing the ethernet address Ben Grubin (Mar 01)
- Re: spoofing the ethernet address -DAL- (Mar 01)
- Re: spoofing the ethernet address Iván Arce (Mar 01)
- Re: spoofing the ethernet address hypoclear - lUSt - (Linux Users Strike Today) (Mar 01)
- Re: spoofing the ethernet address The I (Mar 01)
- [Fwd: spoofing the ethernet address] Fredrik Widlund (Mar 02)
- spoofing the ethernet address (PPPoE) mike (Mar 02)
- Re: spoofing the ethernet address John Hall (Mar 01)
- Re: spoofing the ethernet address Jim Duncan (Mar 02)
- Re: spoofing the ethernet address Bluefish (Mar 02)
- Re: spoofing the ethernet address Ben Grubin (Mar 02)
(Thread continues...)