Security Basics mailing list archives
Re: [TOOL]TMAC for Linux-beta
From: Ansgar Wiechers <bugtraq () planetcobalt net>
Date: Wed, 9 Jun 2010 00:05:57 +0200
On 2010-06-08 Sagar Belure wrote:
TMAC for Linux, is a bash program written for the purpose of changing the MAC address of network interface cards in Linux OS, provided it has Bash shell environment. Please check the details and some sort of, funny description about it. http://sagar.belure.com/#tmac This has been successfully tested with Ubuntu system. Suggestions are welcome.
For one, I fail to see why anyone in his right mind would want to change
the MAC address on every login, StreetView or not. I certainly do hope
nobody is foolish enough to base their security on the secrecy of MAC
addresses.
Second, how does your script account for address collisions?
Not to mention that your code is way too complex and also assumes that
the number of OUIs in oui.txt will never change. The whole random
address generation can easily be reduced to this (and I suppose an awk
guru will be able to reduce it even more):
----8<----
function octet() {
printf "%02X" $(($RANDOM % 256))
}
cnt=$(grep "(hex)" oui.txt | wc -l)
oui=$(grep "(hex)" oui.txt | awk -v n=$(($RANDOM % $cnt + 1)) 'NR==n {print $1}')
mac="${oui}-$(octet)-$(octet)-$(octet)"
---->8----
Also, instead of checking $param1 in multiple elif clauses I'd suggest
to use a case statement:
case "$param1" in
-a)
# do some
;;
-l)
# do other
;;
*)
# print usage information (which I'd probably do with a here
# document rather than multiple "echo -e" commands)
;;
esac
If you require bash anyway, at least make good use of its features.
My 0.02 $CURRENCY.
Regards
Ansgar Wiechers
--
"Abstractions save us time working, but they don't save us time learning."
--Joel Spolsky
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Current thread:
- [TOOL]TMAC for Linux-beta Sagar Belure (Jun 08)
- Re: [TOOL]TMAC for Linux-beta Ansgar Wiechers (Jun 09)
- Re: [TOOL]TMAC for Linux-beta Sagar Belure (Jun 09)
- Re: [TOOL]TMAC for Linux-beta Ansgar Wiechers (Jun 10)
- Re: [TOOL]TMAC for Linux-beta Sagar Belure (Jun 11)
- Re: [TOOL]TMAC for Linux-beta dishix (Jun 11)
- Re: [TOOL]TMAC for Linux-beta Shreyas Zare (Jun 11)
- Re: [TOOL]TMAC for Linux-beta Ansgar Wiechers (Jun 21)
- Re: [TOOL]TMAC for Linux-beta Shreyas Zare (Jun 23)
- Re: [TOOL]TMAC for Linux-beta Sagar Belure (Jun 09)
- Re: [TOOL]TMAC for Linux-beta Ansgar Wiechers (Jun 09)