This has been pointed out before, but I thought that I'd pass this along
to the list to reinforce how worthless ethernet MAC addresses are.
Most (virtually all) ethernet cards allow one to reprogram what MAC
address it uses. The ioctl under Linux is SIOCSIFHWADDR, for "set
hardware address". I was going to write my own program to do it, and
while doing research for that, I discovered that it's already built into
the standard ifconfig for Linux.
(If you want to write your own, just search for SIOCSIFHWADDR in
ifconfig.c. The code is really simple; just an ioctl.)
To demonstrate how easy this is to do, watch how long it took me:
(output edited; these are the commands and the interesting output)
reflections# ifconfig eth0
eth0 Link encap:10Mbps Ethernet HWaddr 00:A0:24:81:A7:44
reflections# ifconfig eth0 down
reflections# ifconfig eth0 hw ether 00:A0:24:81:A7:45
reflections# ifconfig eth0
eth0 Link encap:10Mbps Ethernet HWaddr 00:A0:24:81:A7:45
Again, if you are using MAC addresses for anything more than _very_
trivial authentication, be aware that any user under virtually any
operating system can do what I just did in three commands. If you want
real security, use Kerberos or some other appropriate cryptosystem.
__
Todd Graham Lewis Linux! Core Engineering
Mindspring Enterprises tlewis @
mindspring .
com (800) 719 4664, x2804
Follow-Ups:
|
|
