(old)Puppy Linux Discussion Forum

Where in the startup sequence would I add a line to a file to get Puppy to spoof/change my MAC address?

I want the change to occur at the right point in startup so that DNS services will work. Haven't found that correct spot yet.

Its my understanding that the MAC address is encoded in the chipset for your network card. Under normal circumstances, there is no reason to need to change it. Is there a reason that you need to spoof another network card?

babbs wrote:Its my understanding that the MAC address is encoded in the chipset for your network card. Under normal circumstances, there is no reason to need to change it. Is there a reason that you need to spoof another network card?

Some ISPs track what MAC address is connected to your DSL modem, and (trying to prevent hooking up multiple PCs?) will not "talk" to a second and different device at your location (at least not without a lengthy timeout period with no device connected, or even without calling them up and asking).

So, I suppose, if you had a DSL line from such a provider, but no router and no home network, and you wanted to manually switch the DSL line from a Windows PC to a separate PC running Puppy, it might be handy to set both machines to the same MAC address.

The way to do so temporarily in Puppy would be to use the ifconfig command with the hw ether option, like this: How to make that stick through reboots ... is a different question. I'll let someone else answer that part, because I've yet to investigate how Puppy stores and uses network config info myself!

Jonathan

Thank you for clearing that up for me Jonathan.

Let us know if that actually works. It's my impression that the MAC address is transmitted by the modems at the hardware link level. The OS has no direct control over what the hardware sends when queried. If that's so then I don't see how you could spoof it through the OS.

jh wrote:Where in the startup sequence would I add a line to a file to get Puppy to spoof/change my MAC address?

I want the change to occur at the right point in startup so that DNS services will work. Haven't found that correct spot yet.

Here is the sequence to use.

1. Turn off computer.
2. Remove existing network card.
3. Install new network card.
4. Turn on computer.
5. Boot into Puppy with new MAC address.

The command that jmarsden gives successfully changes, or, more correctly, "spoofs" the MAC address.

And upon re-running the ethernet wizard, everything including DNS resolution works properly.

What I haven't figured out yet is what startup file to put the ifconfig command in -- so that I don't have to re-run the ethernet wizard after each boot to get DNS working.

There are two different places:

The right one and the hacked one:

In the right one.
When you do a Manual setup on the Ethernet wizard, a file /etc/<interface>mode. e.g. /etc/eth0mode.

Puppy stores the network startup commands there.

Here you can put any custom network startup code, for example, I setup my wireless parameters there.

If you select DHCP on the Ethernet wizard, this file will only have the word "auto".

So as you want to do something custom, just modify the corresponding <interface>mode file and add the spoofing command as the first line, you can then do the ifconfig and dhclient commands.

The hacked one:
The script that does the network initialization and calls those <interface>mode files is

/etc/rc.d/rc.network

At the bottom you will see a loop that searches for interfaces and then bring them up based on the content of the <interface>mode file.

If you put the spoofing command before that loop you should be fine.

Thanks for that info!

I used approach number two ("hacked") and put in jmarsden's command and things are working fine!

I'm running Puppy 1.0.7 and the change goes right above the following comment line in the rc.network file, thusly:

ifconfig eth0 hw ether 00:00:00:00:00:00
#Try to connect each ethernet interface found

Flash wrote:Let us know if that actually works.

See http://en.wikipedia.org/wiki/MAC_addres ... _addresses for a little more info. It most definitely works. I've used it (or variations of it) in other Linux and *BSD machines occasionally, over a period of several years. And I tested that it worked in Puppy before posting by earlier msg in this thread.

If you need further convincing, then I suggest you read the sources for any modern NIC device driver For example, download http://www.kernel.org/pub/linux/kernel/ ... .1.tar.bz2 and untar it, and then look at the driver for the Realtek 8139, at linux-2.6.15.1/drivers/net/8139too.c: You can then note that dev_addr is the item in the struct used to keep the MAC address... grep for dev_addr and you'll find the code that reads the default MAC address for the card from its EEPROM. You don't need to understand every detail of this code (I don't!) to see that it is reading an address from the EEPROM and saving it in a kernel data structure, and then setting some device registers using those values. If necessary, you could then read the code for ifconfig and see how what it does when you pass it those parameters results in the device data structure MAC address values being changed, and so the new values being written to the NIC device registers when the device is next opened.

In the open source Linux world, if you really need to be sure whether something is true about the way Linux software works -- read the source code In general, the combination of Google (for reading documentation, tutorials, definitions, HOWTOs, etc.) and the source code make a very powerful educational tool.

Note for jh: Spoofing, or changing? Wikipedia uses "changing". In my view, "spoofing" by its very definition carries connotations of deception and imitation, which would only be the case when the supplied MAC address belongs to an existing device on your network segment, and you are trying to "deceive" the rest of your network into believing that your device is that other device.

There are other uses for this ability to change MAC address, such as testing and debugging switches (Example: How big a MAC address cache does my switch have? And what happens when it sees more MAC addresses than it can cache? An interesting experiment... but please do not try it on a production network!). So I think that "changing" MAC addresses is more appropriate terminology than "spoofing", in the general case. For a (general, not networking-specific) definition of spoofing, see http://www.answers.com/topic/spoof .

Jonathan

Jonathan,

I stand corrected about my use of the word spoof, though I offer the following in my defense:

I was using "spoof" in preference to the word "change" because I didn't want to imply that the MAC address of the ethernet card's EPROM was going to be changed.

As your code snippet shows, the change is in the kernel, and the card remains unaltered.

Rebooting with a different live-cd distro will show that the card's MAC address is indeed un-"changed".

"Spoofing", like "hacking", is one of those computer terms that is over-loaded with connotations -- and its interpretation depends on context and the listener's expectations.

Even the wikipedia article starts ambiguously about the terminology:

"Changing MAC addresses -- Although physical MAC addresses are permanent by design, several mechanisms allow modification, or "spoofing", of the MAC address that is reported by the operating system."

As with the word "hacking", there is no correct, single-word term that will satisfy everyone.

jh wrote:Thanks for that info!

I used approach number two ("hacked") and put in jmarsden's command and things are working fine!

I'm running Puppy 1.0.7 and the change goes right above the following comment line in the rc.network file, thusly:

ifconfig eth0 hw ether 00:00:00:00:00:00
#Try to connect each ethernet interface found

This thread is quite old, but I'm trying to do the same thing now in 2013. I found the rc.network file and have put the appropriate call to macchanger in it, but after boot the wireless MAC is still the factory MAC. If I call the script from the shell it scrambles it just fine, it just doesn't do it on boot.

Is there a better way to do this?

Thanks!
Idiopup

idiopup wrote:

jh wrote:Thanks for that info!

I used approach number two ("hacked") and put in jmarsden's command and things are working fine!

I'm running Puppy 1.0.7 and the change goes right above the following comment line in the rc.network file, thusly:

ifconfig eth0 hw ether 00:00:00:00:00:00
#Try to connect each ethernet interface found

This thread is quite old, but I'm trying to do the same thing now in 2013. I found the rc.network file and have put the appropriate call to macchanger in it, but after boot the wireless MAC is still the factory MAC. If I call the script from the shell it scrambles it just fine, it just doesn't do it on boot.

Is there a better way to do this?

Thanks!
Idiopup

got this working by putting commands in rc.local ...

solved!