17
Condor
5y

Whoever it was that thought that MAC address spoofing/randomization for "muh network security" was a good idea, I'm gonna violently fucking murder them. It doesn't solve jack shit for security, doesn't magically make your network device "anonymous" or whatever and it never fails to confuse my DHCP servers that use those fucking things. Whoever it was, hang yourself or I'll fucking do it for you. Filthy incompetent motherfucker!!

Comments
  • 4
    In a workplace? track down that mac through switches' logs to a particular physical port et voila! You have the motherfucker!
  • 2
    You have open ports in your workplace?
  • 3
    And some switches have an security feature that disables ports if the mac switches without disconnect or other events.
  • 2
    @netikras home network, the culprit was NetworkManager.. apparently it randomizes WiFi MAC addresses by default in Debian. Gonna take note of that though :3
  • 6
    @Condor wtf????? :o but it makes no sense... MAYBE it would make sense for Kali. But lesbian? A solid distro?
  • 4
    @netikras Ah, yes, lesbian, the distro xd
  • 2
    @Condor IIRC it should only randomise the MAC when it is not connected to a network; pretty much all phones do this now too, or have the capability. The point of it is to prevent devices being tracked over a large area e.g. I go into shop A and they log my probe requests, I then go to shop B and they do the same thing, but because my MAC is randomised it can't be correlated. So it's harder to track my location from the signals my phone or laptop is spitting out constantly. So it's less to do with network security and more to do with anonymity.
  • 1
    @milkybarkid fair enough but why not just stop the device from spitting all that out in the first place then, i.e. turn off the WiFi? Personally I don't use any WiFi networks other than my own. WiFi isn't meant to be the technology for "always online". That's the carriers' job.
  • 1
    @Condor I rarely have my WiFi on, but you can imagine a lot of (possibly non-technical) people leave it on, or like to connect as soon as they're home, etc. It is a convenience. Randomising the address helps protect the users. I don't really understand the issue you were having, it sounded odd.
  • 0
    @milkybarkid the DHCP server only actually does dynamic leases on a small part of the network, most appliances get their static IP's from it. It just so happens to be centralized there. The DHCP server looks at the MAC address and looks in the DNS for its associated IP. In other words, randomized MAC addresses completely throw that out of whack and the DHCP server ends up giving a lease from the dynamic pool. Since this device is a Barrier (network KVM platform) server for 2 other workstations, this also means that their clients can't connect anymore either, i.e. it causes me to lose keyboard/mouse control over them.
  • 1
    @Condor Hmm, interesting that NetworkManager would randomise after connecting by default. Even on phones, randomisation is turned off when you're connected to an AP, so your actual MAC is used. I can see how it would cause issues with DHCP if the randomisation was still enabled after connecting.
  • 0
    @Condor Did you turn off the randomisation then?
  • 0
    @milkybarkid Yeah, I now set NetworkManager's cloned MAC address to Permanent. That seems to make it use the real MAC address. Not entirely sure why it defaulted to anything else.. weird.
Add Comment