As you probably know, MAC addresses are physical addresses that are assigned to your network (wired or wireless) cards by the manufacturer of the device. For this reason it is possible to  identify a computer that connected to a network via this MAC address. For a little bit of added anonymity when hooking your computer to a foreign network (wired or wireless), you can change your MAC address on Linux using a tool called macchanger.

Macchanger has an option “-r” that randomly picks a mac address for you.  Out of 5 minutes boredom and lack of internet connectivity, I decided to make use of this functionality on my beloved asus eeepc pentest toy by writting a small boot up script that detects all attached network devices and randomize their mac address on boot. This laptop runs Backtrack 4 which leaves all the interface in a down mode on boot up; therefore, it was as simple as adding a little script to the /etc/rc.local file to randomize all the MAC address on boot. The script is as follows:

for IFACE in $(ifconfig -a -s | egrep -v "^(lo|Iface)" | cut -f 1 -d" ")
do
        macchanger -r $IFACE
done

Thats it! With this 4 liner, your machine will now get random mac addresses every time it boots up. One caveat is that if you add a new device after boot, it will obviously not work for that new device’s mac address. Also if you are under a distribution that does put the network interface in “UP” mode on boot, like most distributions; then you will want to make sure the code runs before your network scripts. Last but not least, if you do not have macchanger already installed, on a debian based distro you can simply install it by running “sudo apt-get install macchanger”; for other systems, simply visit the macchanger web site for more information.

Tags: macchanger

This entry was posted on Sunday, September 20th, 2009 at 23:32 and is filed under Penetration Testing. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.