Security Basics mailing list archives
Re: [TOOL]TMAC for Linux-beta
From: Ansgar Wiechers <bugtraq () planetcobalt net>
Date: Thu, 10 Jun 2010 07:17:41 +0200
On 2010-06-09 Sagar Belure wrote:
On Tue, Jun 8, 2010 at 3:05 PM, Ansgar Wiechers wrote:For one, I fail to see why anyone in his right mind would want to change the MAC address on every login,I don't know about others, but it's more like "I PREFER TO DO SO". So, all I did is, added the option in it.
Ah, the Hillary Reason(tm). ;) However, as good as it is to experiment and learn stuff, this is not really security-related, IMHO.
Second, how does your script account for address collisions?I appreciate that...I didn't thought of the scenario, where user can use more than one NIC at same time.
I was thinking of other NICs on the same Ethernet. MAC addresses are supposed to be unique in a broadcast domain. [...]
The whole random address generation can easily be reduced to this (and I suppose an awk guru will be able to reduce it even more): ----8<---- function octet() { printf "%02X" $(($RANDOM % 256)) } cnt=$(grep "(hex)" oui.txt | wc -l) oui=$(grep "(hex)" oui.txt | awk -v n=$(($RANDOM % $cnt + 1)) 'NR==n {print $1}') mac="${oui}-$(octet)-$(octet)-$(octet)" ---->8----
[...]
Well, this is the reason, I invited *any* kind of suggestions or feedback about this. And yes, I got suggestion about using 'awk' from some other suggestions also, and will help making it more efficient. This again, will help making it more portable as well.
Actually, after thinking about it some more, my code snippet could probably be streamlined using a bash array: ----8<---- function octet() { printf "%02X" $(($RANDOM % 256)); } oui=( $(awk '/\(hex\)/ {print $1}' oui.txt) ) mac="${oui[$(($RANDOM % ${#oui[@]}))]}-$(octet)-$(octet)-$(octet)" ---->8---- Reading recommendation: <http://tldp.org/LDP/abs/html/> Regards Ansgar Wiechers -- "Abstractions save us time working, but they don't save us time learning." --Joel Spolsky ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- [TOOL]TMAC for Linux-beta Sagar Belure (Jun 08)
- Re: [TOOL]TMAC for Linux-beta Ansgar Wiechers (Jun 09)
- Re: [TOOL]TMAC for Linux-beta Sagar Belure (Jun 09)
- Re: [TOOL]TMAC for Linux-beta Ansgar Wiechers (Jun 10)
- Re: [TOOL]TMAC for Linux-beta Sagar Belure (Jun 11)
- Re: [TOOL]TMAC for Linux-beta dishix (Jun 11)
- Re: [TOOL]TMAC for Linux-beta Shreyas Zare (Jun 11)
- Re: [TOOL]TMAC for Linux-beta Ansgar Wiechers (Jun 21)
- Re: [TOOL]TMAC for Linux-beta Shreyas Zare (Jun 23)
- Re: [TOOL]TMAC for Linux-beta Sagar Belure (Jun 09)
- Re: [TOOL]TMAC for Linux-beta Ansgar Wiechers (Jun 09)