Special MAC Addresses

[Toni Ruottu <toni.ruottu () iki fi>]

  Hi!

I encountered two interesting MAC address reuse cases while exploring
Commodore 64 networking. I'm wondering if these two cases are mere
exceptions. If there are lots of MAC addresses with special meanings it
might be nice if nmap shipped with a list of them and warned the user when
one of them is encountered.

RR-Net is perhaps the most used NIC for C64 networking. According to the
manufacturer documentation some models of the NIC do not have a MAC address
burned on a ROM. The documentation recommends using 28:CD:4C:FF:FB:FF for
such cards but also when MAC address detection fails on some of their newer
models. See http://wiki.icomp.de/wiki/RR-Net

Hannenz Netmon is a live debugger for the C64. It contains a server program
that runs on the Commodore and receives instructions over the network. By
looking at the source file netserv.s included in netmon-v0.3.zip it seems
the server spoofs the MAC address and uses 00:80:10:b3:eb:b7 instead of the
MAC address burned on the NIC. The included netmon.html documentation says
the Netmon protocol is based on Mager Valp Udpslave protocol. The file
src/config.s inside udpslave-0.91.zip seems to contain the same hardcoded
MAC address. See Netmon https://csdb.dk/release/?id=92238 and UDPSlave
https://csdb.dk/release/?id=41287

  Cheers, --Toni

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/