Anonymizing Network MAC Addresses

Skill: Novice Complexity: Simple estTimeToComplete: 0.5 hours Depends: network-manager

Random MAC assignments should be art of any users comprehensive security considerations. Your network interfaces have unique machine encoded address that is reported to other network devices when associations are made.

Don't leak information!

This guide will describe a means to report different and random MAC addresses for each interface every time network assignments are changed or updated.

Install macchanger Package

Install the macchanger utility with your favorite package manager. In this instance with apt-get.

apt-get install macchanger

Install MAC Change Script

With macchanger package installed and network-manager package already installed, create/copy the change script for the active network interfaces.

vi /etc/network/if-pre-up.d/macchanger

# Radomize the mac address for a given the interfaces
/usr/bin/macchanger -e $IFACE

Interface PRE-UP

Now, each time a network interface is about to be brought up the MAC address will be randomized under the existing VENDOR identification.

FULL Device Randomization

If you desire FULL Randomization of the network device the replace the -e switch with -r. Note: You will report widely random and bizzare equipment with -r randomizer. It is debatable whether stealth is achievable when wildly reported devices present to the network.

Caveats

With randomized MAC addresses DHCP Reservations will be ineffective. Additonally, any network service that depends on you MAC Address to assign security will likely be inoperable.

Creative Commons License

Author: James B. Crocker

EMail: ubuntu@james.crocker.name

[http://i.creativecommons.org/l/by-sa/3.0/88x31.png]

This work is licensed under a [http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-Share Alike 3.0 License].

CategoryDocumentation CategorySecurity