Back to the main page

Mailing List Logs for ShadowRN

Message no. 1
From: gurth@******.nl (Gurth)
Subject: [OT] MAC-addresses (was Re: Hacking a Smartlink in SR4)
Date: Wed, 05 Oct 2005 11:44:47 +0200
According to Derek Hyde, on 5-10-05 08:36 the word on the street was...

> It's what? Have you done much networking? MAC Filtering to only allow
> pre-programmed MAC addresses in the router, is one of the most difficult to
> get around methods of network security there is. It's far better than
> software firewalls or anything else of the sort, because if your MAC address
> doesn't match one in the list of acceptable MAC addresses, you simply don't
> have access to the network at all.

As a local ISP around here does: if their system detects you're using a
different MAC-address than the one you used before, it refuses you
access -- even if you go back to your old MAC. Unfortunately, they don't
inform you about the reason, so only if you phone them up they'll say
"Oh, you installed a new network card? I'll switch you back on."

Which, of course, I found out when helping a friend set up a new
computer with a new network card. It only took us about four hours
before we called it quits, and he phoned up the next morning...

> Yes, you can do that to make the router appear to be a specific PC, but only
> once you're ON the router and within it's network

True, to a degree. I'm not sure you can't access the router from
outside, though (I can't check this, obviously).

> (testing the theory in this manner
> isn't illegal, as, there's nothing illegal about trying to hack your own
> personal network).

Or my ISP's -- at least, for me, but not for you: "4.4 Without prejudice
to article 4.3, customers are permitted to hack the XS4ALL system."
(http://www.xs4all.nl/overxs4all/voorwaarden/index.php?taal=en)

> Routers are setup to be able to do that specifically
> because there are ISP's that work off of the PC's MAC address for
> authentication, and the router won't allow that MAC address to be seen as
> it's inside the network. It's the only way that you can use any form of
> network setup on such ISP's.

Unless you use the router from day 1, of course. But if you change it,
or add it later, then (as I illustrated above), it can become a problem.

--
Gurth@******.nl - Stone Age: http://www.xs4all.nl/~gurth/index.html
I'll let you be in my dream if I can be in yours
-> Possibly NAGEE Editor & ShadowRN GridSec * Triangle Virtuoso <-
-> The Plastic Warriors Site: http://plastic.dumpshock.com <-

GC3.12: GAT/! d- s:- !a>? C++(---) UB+ P(+) L++ E W++(--) N o? K w-- O
M+ PS+ PE@ Y PGP- t- 5++ X(+) R+++$ tv+(++) b++@ DI- D G+ e h! !r y?
Incubated into the First Church of the Sqooshy Ball, 21-05-1998

Further Reading

If you enjoyed reading about [OT] MAC-addresses (was Re: Hacking a Smartlink in SR4), you may also be interested in:

Disclaimer

These messages were posted a long time ago on a mailing list far, far away. The copyright to their contents probably lies with the original authors of the individual messages, but since they were published in an electronic forum that anyone could subscribe to, and the logs were available to subscribers and most likely non-subscribers as well, it's felt that re-publishing them here is a kind of public service.