MAC & IP address

hi guys.

there are those applications by hide my ip : hide my ip & hide my mac
i know that the ip app works but can the mac app really hide ur mac address ?
how can i check ?

p.s
there are some free alternatives like:
http://digg.com/news/technology/FREEWARE_MAC_Address_Changer
any good ?

thx before head.

 

You can easily spoof your MAC address with a number of tools.

 

can u please be more specific ?
do mean physical devices like some special adapter or comp apps ,,, ?

 

While it may be easy to spoof your computer's mac address, what about your hardware router's mac address? Afterall, it is your hardware router that defines your IP address to the world.

I assume the technique would be that after you have booted up your router for each computer session, you would need to login to the router under the router's admin account and run the command(s) that change the mac address, and then follow up after logging out of the router by changing your computer's mac address? And, you would probably need to do this every time you power up your system.

I am assuming that the firmware of the router/computer would retain its original mac address by virtue that it is hardwired into the NIC hardware circuit chip on each.

Note: the tool reference in post#1 is for Windows only systems.

-- Tom

 

thx a lot . now thats a helpful replay.

so what ur saying is that those apps like : Hide My Mac Address are hiding only the mac address of my network card ?

and what if i dont have a router ? i only have a modem .... (please dot get steamy if i wrote something dumb). i mean ... is the router included in the modem ? and should i hide the modems mac ?

besides i mostly use a wireless network of my university so does that mean i need to hide only my ip and network adapter's mac ?

sorry if i ask too much , i just really need to know

 

Are you worried about your MAC address being on router logs or what? I ask because nobody is going to get any of your MAC data via simple http over the web. MAC address vulnerabilities come into play after the fact; meaning that if you are suspected of using an internet connection that LEA has access to (router/AP logs) they can compare the access (say at a coffee shop hot spot) to the MAC address on a physical computer they have impounded. The sites you see supposedly showing your "MAC" address are simply shown on your computer, very reminiscent of the old tricks showing the contents of your "My Documents" folder that Evidence Eliminator used to play. They couldn't "see" squat - you could only see it on your own computer. The MAC address changing software is designed to provide cover - not prevent a site from getting the data. Using MAC-masking software you get 'cover' on the logging of whatever connection you're using, which would record the fake MAC info.

 

So using something like Technitium MAC Address Changer at a public wireless will prevent LE from comparing MAC addresses to a computer that they have in their possession. So what if a laptop is encrypted? Would that prevent someone from verifying the MAC address of that computer?

 

Thanks so much for that explanation. Much appreciated. So I am thinking that if I ever wanted to be more anonymous than I usually am, I could have a separate laptop used for strict anonymity only, encrypt the hard drive, only use it on a public wifi (never at home), and use a MAC address changer, and of course Tor or a VPN. I don't see how a person could be more anonymous than that. Except maybe geolocation will get so good that they can see you from the sky, license plate and all....LOL

 

There's a lot to be said for what you just wrote. Depending on the threat model, etc., it's hard to beat the anonymity of public wifi or even wardriving.

 

Hi caspian,

We've had the technology to discriminate license plates from optical satellites since the 60s! The question is whether the satellites are in position to directly view an object without interference from cloud cover, etc. and, of course, directly control the satellite to lock onto an object that may be moving.

-- Tom

 

hi thats a great and a simple idea - i can simply operate on public networks

 

thx , seems ur very knowledgeable in the field.
present a different MAC address to the router you connect to - yes thats exactly what i want to accomplish. any free-ware or pay-ware suggestons ?
- iv tired Technitium MAC Address Changer but it seems to do nothing .

If you do this on an encrypted operating system - what do u mean ? whats an encrypted OS ? and how can i achieve it?



thx for sharing knowledge guys . seems i found the right forum

 

"I'm using really old software (several years old) obtained by methods that I can't recommend here " - im pretty sure i know what u r talking about .


By what method did you check your MAC address? - well , the app itself tells me its not spoofed ... besides it has a really ugly interference( irrelevant, i know .) and i think i got a replacement only that its cracked and norton online scanner gives a virus alarm (false positive i think ... kaspersky file scanner OKs it ).

TrueCrypt - that a great idea . right now im on win7 + commodo firewall ,so i think that should cover me up when it comes to inwards traffic (form the Internet ) but encrypting is generally a good idea. though if ill immigrate to Linux where im asked for my manager password for basically every thing, ill avoid those privacy issues to begin with right?
-only thing is i have no idea how to connect the web in ubuntu nor opensuse
onr any other linux OS

thx alot for ur knowledge u r awesome .

 

Again, spoofing the MAC of your hardware (say a USB wireless stick or a Wifi card) is easy. I've done it when connecting to neighbor's Wifi. Not sure how to do it on Windows, but on Linux it's easy. You can do it with stuff already built into the OS.

 

yeha i know but i cant connect wifi on linux -i just dont know how to do it . can u please link me to some guide?

 

thank u again , should be more ppl like u.

 

Are you sure about that?

http://www.securityweek.com/hacker-uses-xss-and-google-streetview-data-determine-physical-location

 

The MAC addresses that Samy Kamkar is using for geolocation are those of wifi routers, not MAC addresses of client machines. If you're not using a wifi router, this isn't an issue. If Google or some other wardriver has not GPSed the wifi router that you're using, this isn't an issue (but, to be sure of that, you'd want to have used that router only inside a tight Faraday cage).

This IS an issue, BTW, if you're leeching on someone's unsecured wifi router. Even using an anonymous VPN, connecting via a wifi router that's listed in a geolocation database could reveal your true location (if you permitted it, or if an exploit such as Samy's worked).

 

so what i should get from all this is that there is no way i can hide my machines mac adress ? and what if i use a cellular modem - u know that usb thingy ... ? can they trace me then ? think its a great idea no ?

Faraday cage - yeha right...

Samy Kamkar is using for geolocation are those of wifi router- why do ppl do it to start with ? its like :"hi i m board , think ill design some worm and toy with ppl "

"If Google or some other wardriver has not GPSed ... " so many threats in the web. its like ...they control everything. its like they r the Microsoft of privacy.

if you're leeching on someone's unsecured wifi router - yep its a problem but its the same thing with coffee shops and private networks no ?

 

is there some way to use jap /jondo and tor to cahnge mac too or just the ip ?

 

Since the 60's?? Wow! I would have NEVER guessed that in a million years. And the cloud cover is an interesting thought too. I recently went on a trip and tried to use my Iphone to get directions via GPS and it would not work because of the rain.

 

So spoofing a MAC address does not fool someone using his method? He can still see it?

 

Hi caspian,

Not exactly, as I understand the issue - please correct me if my reasoning is wrong and tell us why! If the router's mac address can be changed, then it will broadcast the spoofed mac address which is not changed in the hardware's firmware permanently. For that session, the mac address will remain spoofed until it is either re-spoofed, or comes back to nominal factory specs of the NIC card in the firmware, e.g. power reboot.

That said, I suppose that the router's geolocation can still be compromised, but the plausible deniability against the factory specs should hold regarding the mac address that could be logged elsewhere remotely. Regarding the geolocation, since the author of that post (at the link) you referenced, used Javascript to probe the router's mac address - how that was done is a question without the code and whether the mac address was accessed in the router's memory or if there is a way to get the factory installed firmware version of the mac address using some other interface - I don't know without seeing the router's specifications, documentation, etc. and the Javascript code the author ran to get it.

The flaw or weakness of all of the schemes I've seen is that when a mac address is spoofed, it is usually changed to the same value every time. The obvious scheme would be to use a random number generator to generate the last five components of the mac address, the first one being "00", otherwise, I seem to remember a comment from somewhere, that it won't work without that feature. When I get the time, I may work on some code to do just that - it should be straight forward.

-- Tom

 

I was able to put together a bash shell script that executes a small nawk program that generates a new mac address each time it is executed.

Unfortunately, I am leaving on a weekend trip and will not be back until next week. I have yet to test the shell script, but the nawk program works very nicely!

I'll post the shell script code (which has the nawk program embedded as a comment) after I get back from the weekend and have completed testing the shell script.

-- Tom

 

Here is the short version (no doc) of my bash shell script for Linux/Unix to change the mac address randomly with each execution. It embeds the genmacaddr nawk program (use nawk, gawk, or awk) which should be saved in a separate file. It also includes surrounding ifconfig commands around the four commands that respectively: disable eth0, compute new random mac address, set new macaddr, and enable eth0 - which can be commented or edited out after you assure yourself that it works. Or, you can just execute the nawk command multiple times after storing genmacaddr in its own file to assure yourself that a new mac address will be generated. It does not change the permanent mac address in the firmware, and only generates a spoofed random mac address which is broadcast. It is safe to delete the -x on the first line of the bash script which is only for debugging to see the commands that execute. Note: /bin/bash, and one of /usr/bin/nawk, /usr/bin/gawk, or /usr/bin/awk must be installed for this script to work in addition to the ifconfig command on Linux/Unix systems.

Code:

#!/bin/bash -x
############################genmacaddr nawk program#############################
#BEGIN {
#     n0 = "00"
#     srand()
#     n1 = sprintf("%02x", int(255 * rand()))
#     n2 = sprintf("%02x", int(255 * rand()))
#     n3 = sprintf("%02x", int(255 * rand()))
#     n4 = sprintf("%02x", int(255 * rand()))
#     n5 = sprintf("%02x", int(255 * rand()))
#     print n0":"n1":"n2":"n3":"n4":"n5
#}
################################################################################
#
ifconfig
ifconfig eth0 down
newmacaddr=`nawk -f genmacaddr -`
ifconfig eth0 hw ether $newmacaddr
ifconfig eth0 up
ifconfig
exit 0

-- Tom

P.S. Edited genmacaddr to reduce code to 18 lines when 1st and last ifconfig statements are deleted. Note: genmacaddr.sh is what I named the bash shell script you see. You have to delete the '#' comment character in the genmacaddr nawk program file on each line.