Vulnerability Development mailing list archives
Re: Ethernet ( MAC ) Address Reliability
From: Steve Ryan <sirsteve () internetcds com>
Date: Tue, 09 Sep 2003 22:43:25 -0700
Burton M. Strauss III wrote:
In Windows (9x/ME/NT/XP/2k), under the configuration tab for your NIC, if the driver supports it (my netgear fa311+ does) you can spoof it right there with no hassle either.Trivial to spoof in some OSes... RH8: $ cat /etc/sysconfig/network-scripts/ifcfg-eth0 # Please read /usr/share/doc/initscripts-*/sysconfig.txt # for the documentation of these parameters. DEVICE="eth0" MACADDR="02:00:00:00:00:05" ... Ideally, values without that xxxxxx1x bit (LLA) set should be globally unique. In practice, there's no testing on the address you set for MACADDR (and there are legit reasons for assigning other values - say you want to spoof a NIC for your Cable Modem). -----Burton -----Original Message----- From: William N. Zanatta [mailto:william () veritel com br] Sent: Monday, September 08, 2003 9:17 AM To: vuln-dev () securityfocus com Subject: Ethernet ( MAC ) Address Reliability Hey guys, I'm currently studying 'sadoor' ( see links at the foot ), a tool built over a proof-of-concept on monitoring interfaces instead of opening ports. The concept behind the tool consists ( roughly ) on monitoring the interface, waiting for a sequence of ip/tcp/udp key packets ( configurable ) and a command packet which runs a command at the host. The first article ( below ) introduces the tool and the hopotesis of using it as a remote system administration tool. Of course there are many security risks involved when doing it but I believe that a well planned system may work with a fine security level ( just focusing on this tool ). But there's one thing which worries me, the ethernet addresses. This is the point where I want to hear from you, and the question is, how much reliable are these addresses? I know they're spoofable and thus it may bring problems with this kind of software. Anyway I'm still making some research on this ( I'm not a network authority ;] ) but I would really like to hear from you. Thank you all, -- References: 1. A Practical Approach of Stealthy Remote Administration http://www.linuxsecurity.com/feature_stories/feature_story-149.html 2. SAdoor's Home Page http://cmn.listprojects.darklab.org -- William PS: Sorry for my messy english.
Current thread:
- Ethernet ( MAC ) Address Reliability William N. Zanatta (Sep 08)
- RE: Ethernet ( MAC ) Address Reliability Burton M. Strauss III (Sep 09)
- Re: Ethernet ( MAC ) Address Reliability Steve Ryan (Sep 11)
- RE: Ethernet ( MAC ) Address Reliability Seva Batkin (Sep 11)
- Re: Ethernet ( MAC ) Address Reliability PLANZ (Sep 11)
- Re: Ethernet ( MAC ) Address Reliability Oleg K . Artemjev (Sep 16)
- RE: Ethernet ( MAC ) Address Reliability Burton M. Strauss III (Sep 09)