About that mac address question

Status
Not open for further replies.
S

Supchaka

Limp Gawd
Joined
Dec 23, 2003
Messages
133
Mac numbers are assigned in blocks to manufacturers of hardware through some consortium. They're a unique ID like a serial number, so I'd guess yer not gonna have much luck changing it.
 
and to the "YES IT CAN BE DONE" guy....... I got some ocean front property in nevada you might wanna take a look at.
 
Is there a specific reason this was brought back up? I checked the other thread, and it seems like the question was answered fully.
 
Originally posted by XOR != OR
Is there a specific reason this was brought back up? I checked the other thread, and it seems like the question was answered fully.
Click to expand...

Reason: "Behold, the power of cheese."
 
Originally posted by skritch
Reason: "Behold, the power of cheese."
Click to expand...
Damn it, the cheese defense!

I am powerless before your cheese. Especially if it's Motzarella<sp>.
 
hrrm
How can you change the MAC address? (if you dont mind me asking)
 
A MAC address can be spoofed ( changed in the operating system) but can not be changed on the card itself, it is a hardware address...
 
Originally posted by PHUNBALL
A MAC address can be spoofed ( changed in the operating system) but can not be changed on the card itself, it is a hardware address...
Click to expand...

he was refering to a cable modem not a NIC. Yes i'm sure it is humanly possible to change the MAC ID on a cable modem. Just like it Humanly possible to walk on the moon. Can 99% of people do. I don't think so. It hard coded at the factory. Since it can be done it can be undone and redone =P.
 
Originally posted by oakfan52
he was refering to a cable modem not a NIC. Yes i'm sure it is humanly possible to change the MAC ID on a cable modem. Just like it Humanly possible to walk on the moon. Can 99% of people do. I don't think so. It hard coded at the factory. Since it can be done it can be undone and redone =P.
Click to expand...

I was not aware that he was talking about a cable modem since he did not say anything about it. So, in that case the answer is no. You can still spoof a different MAC when sending outbound packets, but they will never make it back to your location because the ARP tables on the far ends routers will be trying to send data to a MAC address (spoofed) that does not really exist...
 
Originally posted by PHUNBALL
I was not aware that he was talking about a cable modem since he did not say anything about it. So, in that case the answer is no. You can still spoof a different MAC when sending outbound packets, but they will never make it back to your location because the ARP tables on the far ends routers will be trying to send data to a MAC address (spoofed) that does not really exist...
Click to expand...

And now, for how things ACTUALLY work:

MACs are only valid on the wire they're originally put on.

No "spoofed MAC" would ever make it to "the far ends routers", because every time a packet transits a hop, the IP header's MAC field is replaced with the MAC of that hop. And the ARP tables have nothing to do with anything; the ARP cache would contain the MAC associated with the last hop before that device received the packet. MACs simply do not cross transit boundaries (i.e., "hops" in the vernacular).


Of course, I probably don't know what I'm talking about; I just spent all morning tweaking C source that generates custom IP headers. I've just been doing this for 25 years. Ignore me.

Now then. What were you saying? Oh, yes. You were going on about some pseudo-networking twaddle. Carry on.
 
Originally posted by skritch
And now, for how things ACTUALLY work:

MACs are only valid on the wire they're originally put on.

No "spoofed MAC" would ever make it to "the far ends routers", because every time a packet transits a hop, the IP header's MAC field is replaced with the MAC of that hop. And the ARP tables have nothing to do with anything; the ARP cache would contain the MAC associated with the last hop before that device received the packet. MACs simply do not cross transit boundaries (i.e., "hops" in the vernacular).


Of course, I probably don't know what I'm talking about; I just spent all morning tweaking C source that generates custom IP headers. I've just been doing this for 25 years. Ignore me.

Now then. What were you saying? Oh, yes. You were going on about some pseudo-networking twaddle. Carry on.
Click to expand...

WTF, my apologies grand master but in this scenario I was referencing the far end as the PE router and the near side would of course be the CE router as being viewed from the customer end. In this case you absolutely can "SPOOF" the MAC address and since the PE routers ARP cache will contain the incorrect MAC address the return packet will never reach it's destination...

BTW, the fact that you have been doing this for 25 years does not impress me at all, about the only thing I get from that is that you must be one old bastard and a grouchy one at that...
 
Originally posted by PHUNBALL
WTF, my apologies grand master but in this scenario I was referencing the far end as the PE router and the near side would of course be the CE router as being viewed from the customer end. In this case you absolutely can "SPOOF" the MAC address and since the PE routers ARP cache will contain the incorrect MAC address the return packet will never reach it's destination...

BTW, the fact that you have been doing this for 25 years does not impress me at all, about the only thing I get from that is that you must be one old bastard and a grouchy one at that...
Click to expand...

You can't spoof a MAC from a source other than the device itself unless you're perpetrating a MitM attack, and acting as a transparent bridge, rewriting the packets in transit.

Even then, you'd best hope you're electrically closer to the source than the destination, or the destination is more likely to see the unmolested packet.

But, surely you know all this. You just forgot to mention it. After all, you're very well-versed in MAC spoofing.

And I don't care if you're impressed or not. I just care that you get things right. I just thought I'd point out that I've been doing this longer than you've probably been on this planet. You might want to think about that before you cop an attitude with me in other threads.
 
Originally posted by skritch
You can't spoof a MAC from a source other than the device itself unless you're perpetrating a MitM attack, and acting as a transparent bridge, rewriting the packets in transit.

Even then, you'd best hope you're electrically closer to the source than the destination, or the destination is more likely to see the unmolested packet.

But, surely you know all this. You just forgot to mention it. After all, you're very well-versed in MAC spoofing.

And I don't care if you're impressed or not. I just care that you get things right. I just thought I'd point out that I've been doing this longer than you've probably been on this planet.
Click to expand...

Well, apparently you are not very good at proving your own point while disproving someone else because if I am not mistaken you just said it can be done, right?

BTW, nice try on the age thing, surely someone as intelligent as you claim to be would know better than to assume things, right?

If you truly care about making sure the correct information is given then please by all means feel free to correct me, but do not attack me with your arrogant attitude for no reason whatsoever. This board needs people that are helpfull and not a bunch of assholes...

BTW, nice picture, you look just like every other Unix admin I have ever met and NO, that is not a compliment (figured I would throw in a personal attack as well since you seem to thrive on handing them out)...
 
Originally posted by skritch
And I don't care if you're impressed or not. I just care that you get things right. I just thought I'd point out that I've been doing this longer than you've probably been on this planet. You might want to think about that before you cop an attitude with me in other threads.
Click to expand...

If I'm not mistaken you are the one that is "coping an attitude" by attacking posters instead of helping them, this planet and forum really has no use for people like you...
 
Originally posted by PHUNBALL
Well, apparently you are not very good at proving your own point while disproving someone else because if I am not mistaken you just said it can be done, right?
Click to expand...

Not without extra equipment, and normally not without changing the network topology, no.



BTW, nice try on the age thing, surely someone as intelligent as you claim to be would know better than to assume things, right?
Click to expand...

It was an assumption based on behavior and knowledge. Surely you don't mean to imply you're older than I am, and yet still so ignorant?


If you truly care about making sure the correct information is given then please by all means feel free to correct me, but do not attack me with your arrogant attitude for no reason whatsoever.
Click to expand...


No reason whatsoever? You attacked first in another thread. I just thought I'd feed you a taste of your own holier-than-thou medicine.


BTW, nice picture, you look just like every other Unix admin I have ever met and NO, that is not a compliment (figured I would throw in a personal attack as well since you seem to thrive on handing them out)...
Click to expand...


No problem. I look nothing like that anymore. Even if I did, it should be obvious to you that your opinion of my appearance matters not one whit. It's my ability, not my appearance, that matters.

Most of those pictures are more than a year old. Even if I still looked like that, you should hope and pray that you get the luxury of looking like that while pulling down very good money and doing something you love at my age.

Enjoy your suit and tie world, sheep.
 
Originally posted by skritch
It was an assumption based on behavior and knowledge. Surely you don't mean to imply you're older than I am, and yet still so ignorant?
Click to expand...

I never imlpied that nor did I assume anything, like you...


No reason whatsoever? You attacked first in another thread. I just thought I'd feed you a taste of your own holier-than-thou medicine.
Click to expand...

Negative, if you read back in that thread you were attacking another forum member for, once again, no reason and I was merely helping to defend him.



No problem. I look nothing like that anymore. Even if I did, it should be obvious to you that your opinion of my appearance matters not one whit. It's my ability, not my appearance, that matters.

Most of those pictures are more than a year old. Even if I still looked like that, you should hope and pray that you get the luxury of looking like that while pulling down very good money and doing something you love at my age.

Enjoy your suit and tie world, sheep.
Click to expand...

Keep telling yourself that Mr. Assumption. I have not worn a suit to work since I was 22, I do make very good money, and I also do what I Love...

NEXT!!!!!!
 
I got my acct banned for spurting off at that little prick. You just KNOW he was up to no good, there is absolutely no legitimate reason to be screwing with a cable modem MAC addy. Odds are he was trying to fool the DOCSIS equipment on the other end, god knows how, but since he couldn't figure out how to mod his modem I'm guessing he didn't know his head from his ass.

I know enough about MAC addresses to know there is LITTLE reason to change one, next to yes, spoofing to get around network security/restrictions.

If your going to do something underhanded, atleast fucking have the decency not to asking others how to HELP YOU BREAK THE LAW OR YOUR ISP's TOS. It looks pathetic, only proves your a moron, and a jackass on top of that.

2/48 = 281,474,976,710,656 combinations

however the address is broken into 2 24-bit addresses so you have approx 16,777,216 addresses per vender id.

IP has 4,294,967,296 combinations, we'll sooner run out of IPv4 addresses before MACs, so for whatever reason there are duplicates out there, isn't for lack of addresses =P

Actually I'm guessing that whoever is in charge of doleing out the Vender ID's on MACs is probably a bit stingy, hence a manufactuer like linksys/3com have probably made so many NICs to have exceeded 16 million, but why they wouldn't be conscious of what addresses they had already used is beyond me.
 
On a more serious note:
The following statements pretty much shot you in the foot.

And now, for how things ACTUALLY work:
Click to expand...

No "spoofed MAC" would ever make it to "the far ends routers", because every time a packet transits a hop, the IP header's MAC field is replaced with the MAC of that hop. And the ARP tables have nothing to do with anything; the ARP cache would contain the MAC associated with the last hop before that device received the packet. MACs simply do not cross transit boundaries (i.e., "hops" in the vernacular).


Of course, I probably don't know what I'm talking about; I just spent all morning tweaking C source that generates custom IP headers. I've just been doing this for 25 years. Ignore me.

Now then. What were you saying? Oh, yes. You were going on about some pseudo-networking twaddle. Carry on.
Click to expand...

You sound like a know it all. With 25 years of experience you should know there is a way of correcting someone so you dont come off as an asshole, and boy did you miss the mark. Or maybe you are a real unix admin and dont know how to talk to people? You got attitude first, and from their it snowballed.

Enjoy your suit and tie world, sheep.
Click to expand...

Okay this is something that only a hippy unix admin would say. Forty some odd (im guessing at your age) years on this earth and you still make stupid comments like this? Grow the fuck up....
 
The flaming and insults stop right now or I start hitting the ban button.
 
Status
Not open for further replies.
Back
Top