David Chen wrote: > > > MAC addresses are trivially rewritable or fakeable. That wont give you > > security. Similarly if the terminal servers are over ethernet then decnet > > is also trivially spoofable > > How do you spoof MAC addresses? I thought they were hard-coded > in the ethernet hardware/firmware. Why would any ethernet card maker > let anyone easily write into ethernet firmware? Doesn't that defeat > the whole idea of ethernet addresses being unique? > > I guess hackers can easily make their own > devices that intercept ethernet traffic and replace ethernet addresses > with arbitrary addresses. It's extremely easy to send a pkt as if you are from a different NIC (MAC), than the one you really are. Just need 'root' and the ability to open raw sockets. It is also useful to change your MAC, for testing purposes, as well as high-availibility purposes. (One NIC fails, make the other look just like it, fast) Ben -- Ben Greear (greearb@candelatech.com) http://www.candelatech.com Author of ScryMUD: scry.wanfear.com 4444 (Released under GPL) http://scry.wanfear.com http://scry.wanfear.com/~greear - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.rutgers.edu
