Re: [TOOL]TMAC for Linux-beta

[Sagar Belure <sagar.belure () gmail com>]

On Wed, Jun 9, 2010 at 10:17 PM, Ansgar Wiechers
<bugtraq () planetcobalt net> wrote:
> On 2010-06-09 Sagar Belure wrote:
> > On Tue, Jun 8, 2010 at 3:05 PM, Ansgar Wiechers wrote:
> > > For one, I fail to see why anyone in his right mind would want to
> > > change the MAC address on every login,
> >
> > I don't know about others, but it's more like "I PREFER TO DO SO". So,
> > all I did is, added the option in it.
>
> Ah, the Hillary Reason(tm). ;)
>
> However, as good as it is to experiment and learn stuff, this is not
> really security-related, IMHO.
>
> > > Second, how does your script account for address collisions?
> >
> > I appreciate that...I didn't thought of the scenario, where user can
> > use more than one NIC at same time.
>
> I was thinking of other NICs on the same Ethernet. MAC addresses are
> supposed to be unique in a broadcast domain.

Well, finding MAC addresses of other nodes on the same network would
be infeasible. Any thoughts?
> [...]
> > > The whole random address generation can easily be reduced to this
> > > (and I suppose an awk guru will be able to reduce it even more):
> > >
> > > ----8<----
> > > function octet() {
> > >   printf "%02X" $(($RANDOM % 256))
> > > }
> > >
> > > cnt=$(grep "(hex)" oui.txt | wc -l)
> > > oui=$(grep "(hex)" oui.txt | awk -v n=$(($RANDOM % $cnt + 1)) 'NR==n {print $1}')
> > > mac="${oui}-$(octet)-$(octet)-$(octet)"
> > > ---->8----
> [...]
> > Well, this is the reason, I invited *any* kind of suggestions or
> > feedback about this.
> > And yes, I got suggestion about using 'awk' from some other
> > suggestions also, and will help making it more efficient.
> > This again, will help making it more portable as well.
>
> Actually, after thinking about it some more, my code snippet could
> probably be streamlined using a bash array:
>
> ----8<----
> function octet() { printf "%02X" $(($RANDOM % 256)); }
>
> oui=( $(awk '/\(hex\)/ {print $1}' oui.txt) )
> mac="${oui[$(($RANDOM % ${#oui[@]}))]}-$(octet)-$(octet)-$(octet)"
> ---->8----
>
> Reading recommendation: <http://tldp.org/LDP/abs/html/>
>
> Regards
> Ansgar Wiechers
> --
> "Abstractions save us time working, but they don't save us time learning."
> --Joel Spolsky
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------

Along with this, I wanted to give some points from my TODO list
-Preset feature
-Avoiding use of MAC address from vendors like VMware, etc.
-Manual update switch for downloading latest 'oui.txt'
-Compatibility with most of the flavours in Linux

Thoughts to add anything in the list?

-- 
Thanks,
Sagar Belure
Security Analyst
Secfence Technologies
www.secfence.com

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------