2008-09-26

UNIX Tips: MAC Address Spoofing/Changing

I don't advocate using MAC Address spoofing for evil purposes such as:

  • Using a MAC-Address Filtered wireless Access Point
  • Deception
  • Cloning an ethernet card already in use to confuse a network
  • In order to mess with ethernet switches
  • ... Plenty of other malevolent uses ...
MAC Spoofing has several constructive troubleshooting uses:
  • Get a new IP Address from your DHCP server
  • Testing Ethernet switch port security rules
  • Troubleshooting issues with ARP
  • ... plenty of other great uses ...
The Technique to temporarily change your MAC address is pretty similar across the board.  I'll go over some. In any of these examples, replace IFace with the name of the ethernet/wireless interface name such as "eth0", "en1", "rausb0" etc.  Obviously, you can make the ethernet address whatever you want.  The addresses I provide are arbitrary. It just has to be six pairs of hexadecimal (0-9 or A-F) digits separated by colons.  Obviously, these commands must be run with sudo or otherwise with root privileges.  Also, it helps if the ethernet interface is "down" first:
ifconfig IFace down

Mac OS X: 
ifconfig IFace ether 00:12:34:56:78:90

OpenBSD:
ifconfig IFace lladdr 00:11:22:33:44:55

Linux:
ifconfig IFace hw ether 00:de:ad:c0:ed:ba:be

FreeBSD:
ifconfig IFace link 10:00:ca:b0:05:e5

blog comments powered by Disqus