Re: [TOOL]TMAC for Linux-beta

[Ansgar Wiechers <bugtraq () planetcobalt net>]

On 2010-06-09 Sagar Belure wrote:
> On Tue, Jun 8, 2010 at 3:05 PM, Ansgar Wiechers wrote:
> > For one, I fail to see why anyone in his right mind would want to
> > change the MAC address on every login,
>
> I don't know about others, but it's more like "I PREFER TO DO SO". So,
> all I did is, added the option in it.

Ah, the Hillary Reason(tm). ;)

However, as good as it is to experiment and learn stuff, this is not
really security-related, IMHO.

> > Second, how does your script account for address collisions?
>
> I appreciate that...I didn't thought of the scenario, where user can
> use more than one NIC at same time.

I was thinking of other NICs on the same Ethernet. MAC addresses are
supposed to be unique in a broadcast domain.

[...]
> > The whole random address generation can easily be reduced to this
> > (and I suppose an awk guru will be able to reduce it even more):
> >
> > ----8<----
> > function octet() {
> >   printf "%02X" $(($RANDOM % 256))
> > }
> >
> > cnt=$(grep "(hex)" oui.txt | wc -l)
> > oui=$(grep "(hex)" oui.txt | awk -v n=$(($RANDOM % $cnt + 1)) 'NR==n {print $1}')
> > mac="${oui}-$(octet)-$(octet)-$(octet)"
> > ---->8----
[...]
> Well, this is the reason, I invited *any* kind of suggestions or
> feedback about this.
> And yes, I got suggestion about using 'awk' from some other
> suggestions also, and will help making it more efficient.
> This again, will help making it more portable as well.

Actually, after thinking about it some more, my code snippet could
probably be streamlined using a bash array:

----8<----
function octet() { printf "%02X" $(($RANDOM % 256)); }

oui=( $(awk '/\(hex\)/ {print $1}' oui.txt) )
mac="${oui[$(($RANDOM % ${#oui[@]}))]}-$(octet)-$(octet)-$(octet)"
---->8----

Reading recommendation: <http://tldp.org/LDP/abs/html/>

Regards
Ansgar Wiechers
-- 
"Abstractions save us time working, but they don't save us time learning."
--Joel Spolsky

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------