Electronic Books

From the target computer, repeat the Ethereal test as above. From the results,
the source has a MAC address of 00:0c:29:b6:40:95, which is the real MAC address
of the SMAC computer.
*Note:
Before SMAC came around, the best choice to spoof a MAC address was to use
a Linux-based tool. SMAC is an excellent tool to spoof a Windows MAC address.
Spoofing


277
Lab 50: Spoofing MAC Addresses
Send Packets via
a
False MAC Address: Linux
Prerequisites:
None
Countermeasures:
Firewall filters, vendor patches where applicable
Description:
Linux has the ability to ???spoof??? its own MAC address. This
lab will demonstrate how to ???spoof??? your MAC with Linux and have
that same ???spoofed??? MAC address occur on each reboot automatically.
Remember that all commands in Linux are
case sensitive
.
Procedure:
Set the parameters and execute:
ifconfig (interface name) hw ether (spoofed MAC address)
From a Linux terminal type
ifconfig
and press the
Enter
key. The current
Ethernet configuration will be displayed, including the MAC address. In this
example:
00:0c:29:4e:1e:cd
278


Practical Hacking Techniques and Countermeasures
Verify the MAC address against a target by starting a
ping
command while
running Ethereal (Lab 41):
ping 172.16.1.40
From the Ethereal application capture a few packets for verification. Click
to highlight an ICMP packet. In this example the results verified the original
MAC address of
00:0c:29:4e:1e:cd
.


Pages:
98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122