lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <B7507F00-92C9-4632-9A4C-D969AB03A090@mac.com>
Date:	Tue, 1 Jan 2008 22:12:23 -0500
From:	Kyle Moffett <mrmacman_g4@....com>
To:	Jon Masters <jonathan@...masters.org>
Cc:	Theewara Vorakosit <thvo@...nc.cpe.ku.ac.th>,
	linux-kernel@...r.kernel.org
Subject: Re: Get physical MAC address

On Jan 01, 2008, at 21:42:18, Jon Masters wrote:
> On Mon, 2007-12-31 at 12:39 +0700, Theewara Vorakosit wrote:
>> I get MAC address from ioctl. However, ifconfig can change this   
>> MAC address. Can I get a real physical MAC address of the NIC?
>
> Forgive me reading into your mail...this smells a bit like some  
> kind of licensing/compliance thing. Just bear in mind that using  
> the MAC to verify the identity of a machine is utterly useless and  
> pointless - anyone can trivially fool your software[0] to see what  
> it "wants".

Not necessarily;  I can easily see distros wanting to have a "Restore  
defaults" button in their network config windows which also includes  
restoring the default MAC address to the NIC.  It should also be  
pointed out that anybody with one of a selection of re-flashable NICS  
(or NICS with removable EEPROMS) can easily change the MAC address on  
their NIC.  Other alternatives includes renaming eth0 to mynet0 and  
creating a downed dummy interface called "eth0" with the desired MAC  
addr.


> [0] We used to have to do far worse kludgery in college, in order  
> to prevent the silly powers that be who "banned" network cards  
> other than those made by one manufacturer from being used on their  
> little network.

Well for basically any userspace-level check, all it takes is  
somebody who knows ASM and has about 5 minutes to track down the  
problematic branch instructions.  Then they just have to write a 10- 
line GDB script which starts the program, traps the appropriate  
instructions, and then changes a "0" to a "1" (or vice versa) before  
the conditional branch.  On Windows it's vaguely practical (albeit  
crash-prone) to load a kernel hack which prevents your program from  
being debugged, but under Linux it's effectively impossible

Cheers,
Kyle Moffett

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ