What is a mac address?
MAC stands for “Media Access Control”. To summarize is a unique identifier thats embedded onto the ROM of the network interface card. On networks the mac address is whats used for communication(ARP resolves IPs to mac adresses). Figures out what More Info: http://en.wikipedia.org/wiki/MAC_address
How Is A Mac Address Assigned?
Every companies that produces hardware requiring a Mac Address is granted a starting prefix by the IEEE association. So if you want to spoof a specific piece of hardware then you would need to use the correct prefix. The full list can be found (HERE)
Why Is Changing Mac Addresses A Security Risk?
There is a few different ways that mac address spoofing can present risks. One would be to bypass Mac Address filtering that various routers, switches, and firewalls can put in place. If a hacker monitors traffic he can see who is communicating with an access point then then clone their mac address to gain access to the network(once that mac address is off the network). This method can also be used to spoof specific pieces of hardware if for some sort of spear phishing attack was put in place.
Note: You will need to run the following commands as root.
The tool we will be using is “macchanger”. First you will need to install it.
apt-get install macchanger[
or
yum install macchanger
First because we cannot change the mac address on an active card we need to run
ifconfig wlan0 down
You will leave it down until after the mac address as been changed.
To view the list of options for this tool you can run
macchanger –help
To view a list of available commands for this application.
If you are looking to spoof a specific device you can get the prefix for the mac address from the link I provided above or by running the command
macchanger -l
So if you wanted to to spoof say a cisco device you would do
macchanger -m 00:e0:f9:52:72:f6 wlan0
Wlan0 would be the device in which your trying to spoof the mac for.
Then after this you would run
ifconfig wlan0 up
If you are not bothered about specifying your mac address as a specific device you can run
macchanger -a
Which will select a random vendor and spoof it
or
macchanger -r
Which won’t focus on vendors and just randomly set the mac address
