MAC Address Scrambling in Linux

MAC Address Scrambling“- By name itself we can understand, instead of using burned-in address, the machines uses random MAC address every time. The machines changes MAC address regularly to improve security.  MAC address is 48 bit hexadecimal digit which is burned in every electronic device has capability of “connectivity” such as mobile devices, smart TV, PC, etc. “Apple” added this feature to iPhones from iOS8 to protect user’s privacy.

So, how static MAC address causes some security issues?  First thing caught in my mind is this

According to Edward Snowden, the National Security Agency has a system that tracks the movements of everyone in a city by monitoring the MAC addresses of their electronic devices. As a result of users being trackable by their devices’ MAC addresses, Apple has started using random MAC addresses in their iOS line of devices while scanning for networks.If random MAC addresses are not used, researchers have confirmed that it is possible to link a real identity to a particular wireless MAC address.

-Wikipedia

As I said it is “Burned-in”, means it never changes which network you connect unlike IP address. Another possible attack is “Man-in-Middle” with ARP poisoning. I highly recommend you to read wikipedia article: ARP spoofing for better understanding of ARP poisoning.  IEEE group also recommends  random MAC address for Wifi security. Read this article for more info

For Linux, soon will get this feature. But now, I made a script(init script: I know init scripts are not meant for this, but made it!) which changes MAC address on every time machine boots. Not only on boot, we can change whenever we want with simple command and can restore to original or we can go one step further with cron job to schedule the script that changes MAC address for every 1 hour or 30 minutes (Depends on your need).

It is a shell script uses macchanger, which executes every time machine boots thus the interface gets random MAC address every time.

NOTE: The macchanger or any other script never changes the device’s actual MAC address which is burned on the interface, but macchanger create a proxy which machines uses this proxy MAC address for network communication

How to install?

Simple, you just have to run One Installer script and choose ‘Changer init script’ in menu as you see in below screenshot

Run below command
wget -q -O oneInstaller.py https://goo.gl/ZcideY && sudo python oneInstaller.py

one_installer

Commands

  1. Applies new random MAC address to wlan0 interface – service changer new
  2. Restore original MAC address to wlan0 interface – service changer restore
  3. Display MAC address that is currently on wlan0 interface – service changer show

Script Repository

https://github.com/veerendra2/python-scripts

NOTE:

  1. For now, by default the selected interface is wlan0 i.e random MAC address will apply to wlan0 only
  2. There will be network restart when you run  service changer new or service changer restore

UPDATE(5-May-2017):

Kali Linux’s latest version(kali-rolling) has this feature. While upgrading(apt-get install upgrade), there is macchanger prompt asking to enable this feature.

Advertisements

One thought on “MAC Address Scrambling in Linux

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s