Tom Mitchell wrote:
On Wed, Feb 11, 2004 at 10:06:26AM -0200, Nelson Guedes Paulo Junior wrote:
I'm not seeing this as a "problem", it's all working fine, the NICs are
exactly the same model, but have different MACs. My problem is, if a user CAN
change his MAC address, even if ONLY root can change, it's easy to implement
a spoofing right????
So, why is it permitted to change the MAC this way??????
Why?
Because the MAC address is loaded by software.
The hardware is generic and the driver loads a MAC address commonly
found in a very small chunk of NVRAM on the motherboard or IO card
into the hardware. Since the driver source is open it would be
trivial to hack the driver and do anything. Thus (To Me) it makes
sense to expose it as a "feature" and not generate a false sense of
security.
The register in most network chips permits a change on the fly.
...
--
T o m M i t c h e l l
mitch48-at-sbcglobal-dot-net
Just for info from the legacy guy:
Digital Decnet phase IV packs area.node address into the MAC.
So there is no need for the ARP.
Regards, Bob
--
Bob Marcan mailto:bob.marcan@xxxxxxxxxxxxxx
Aster^H^H...HermesPlus^H^H^H...S&T
Slandrova ul. 2 tel: +386 (1) 5895-200
1000 Ljubljana, Slovenia http://www.hermes-plus.si
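
The two replies above describe MAC addresses that software loads into the NIC, with DECnet Phase IV as a protocol that does so by design. The following is an added example, not code from any poster in this thread: it classifies a MAC by its multicast and locally-administered bits and decodes the DECnet area.node packed into it. It assumes the standard Phase IV layout (prefix AA-00-04-00, then the 16-bit address area*1024+node, low byte first); the function names and sample addresses are constructed for illustration.

```python
"""Classify a MAC address and decode a DECnet Phase IV area.node from it."""

# Fixed four-byte prefix DECnet Phase IV puts in front of the node address.
DECNET_PREFIX = bytes.fromhex("aa000400")


def parse_mac(text):
    """Accept aa:bb:..., aa-bb-... or bare hex; return the 6 raw bytes."""
    raw = bytes.fromhex(text.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC: {text!r}")
    return raw


def decnet_mac(area, node):
    """Build the MAC a Phase IV host loads for address area.node."""
    if not (1 <= area <= 63 and 1 <= node <= 1023):
        raise ValueError("area must be 1-63 and node 1-1023")
    addr = (area << 10) | node  # 6-bit area, 10-bit node
    return DECNET_PREFIX + addr.to_bytes(2, "little")


def classify(text):
    """Describe how the address was most likely assigned."""
    mac = parse_mac(text)
    info = {
        "multicast": bool(mac[0] & 0x01),             # I/G bit
        "locally_administered": bool(mac[0] & 0x02),  # U/L bit
        "decnet": None,
    }
    if mac[:4] == DECNET_PREFIX:
        addr = int.from_bytes(mac[4:], "little")
        area, node = addr >> 10, addr & 0x3FF
        if area and node:  # area 0 or node 0 is not a valid host address
            info["decnet"] = f"{area}.{node}"
    return info


if __name__ == "__main__":
    # Constructed sample addresses, not taken from the thread.
    for sample in ("aa:00:04:00:01:04", "02:11:22:33:44:55", "00:11:22:33:44:55"):
        print(sample, classify(sample))
```

A set locally-administered bit shows the address was assigned by software; a clear bit does not prove the address is the one stored in NVRAM, since the driver can load any value.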