Skill: Intermediate Complexity: Minimal EstTimeToComplete: 0.5 Hours

Randomized Network MAC Address

You leak information about yourself every time you associate to a network. Your computer's network hardware contains an encoded, unique and serialized hexadecimal address. The MAC address is used by routers and switches on networks to direct traffic to and from your laptop.

Randomizing the MAC address your network hardware reports affords some level of anonymity and privacy.

CAUTION!: While MAC address randomization may afford some degree of anonymity and privacy, your network traffic activity may identify you. Additionally, if you fully randomize your MAC address, you may report such bizarre hardware vendor ids as to be quite conspicuous.

Commands in this guide assume you have become root with sudo, i.e., run sudo -i after each terminal login.

Install NetworkManager

You likely have it installed already and can skip this step. To check, run ls /etc/NetworkManager, which should return at least dispatcher.d. If you don't have it installed already, install it.

apt-get install network-manager

Install MACCHANGER

The package macchanger is in the Networking (universe). Install it.

apt-get install macchanger

Create the Randomizer Trigger

Note: Does not work in Jaunty (9.04)

Utilizing Network-Manager's methods to trigger events when a network interface changes state, place the macchanger script into /etc/network/if-pre-up.d.

vi /etc/network/if-pre-up.d/macchanger

Don't change $IFACE. It is a reference provided by NetworkManager for the particular activated interface.

#!/bin/sh

# Randomize the MAC address for the given interface
/usr/bin/macchanger -e "$IFACE"

Make it executable.

chmod +x /etc/network/if-pre-up.d/macchanger

Interface State Change

Now every time any managed interface is activated, as it passes through the pre-up phase, the network MAC address will be randomized while keeping the same VENDOR id.

Fully Random

If you desire a completely random MAC address, change the -e in the macchanger script to -r. There are additional switches you may consider; see man macchanger.

Anonymity, Privacy, Detection

CAUTION!: While MAC address randomization may afford some degree of anonymity and privacy, your network traffic activity may identify you. Additionally, if you fully randomize your MAC address, you may report such bizarre hardware vendor ids as to be quite conspicuous.

DHCP and Other Considerations

WARNING!: DHCP reservations generally rely on a MAC address to reserve a particular IP address assignment. If you randomize your MAC address you will break your reservation.

WARNING!: Any networking application or device which relies on your unique MAC address will break, since randomizing it will return a different value every time the interface is activated.

Special Mix Cases with Roaming Profiles

For the times when you trust your network and need to report the actual/physical network MAC address you have the option of using RoamingProfilesWithNetworkManager. You would relocate the macchanger script to the if-pre-up.d for the given profiles. So, when on the home network you could modify the macchanger script to use -m XX:XX:XX:XX:XX:XX to force the actual/constant MAC address. And, when on any other network run macchanger in random mode.

With roaming profiles you could still accommodate DHCP reservations or special application/hardware requirements.

Creative Commons License

Author: James B. Crocker

EMail: james@constantsc.net


This work is licensed under a Creative Commons Attribution-Share Alike 3.0 License.



AnonymizingNetworkMACAddresses (last edited 2013-08-20 14:15:28 by ubuntu-james-crocker)