PaulyD Posted December 22, 2011 Share Posted December 22, 2011 Copy and paste from UbuntuForums...no action over there: __________________________________________________________________ MAC Changing Trouble Ubuntu 11.10 on an Acer TimelineX 11.6" I swapped out the OEM Broadcom card with an Intel 633 Centrino-N 450mbs card. The swap went well, even adding the third antenna, and I have the card working fine. I connect to a Buffalo 450mbs router. My problem is with changing the MAC. This is about privacy and not anything malicious. I'd just like to decrease my footprint when connecting to AP's that aren't my own, that's all. Using the Terminal I can do: ifconfig wlan0 down ifconfig wlan0 hw ether ad:dr:es:sh:er:ex ifconfig wlan0 up ...and receive no errors. If I then ifconfig, it shows the new address, so far, so good. I'm very familiar with when it doesn't work, having tried the Broadcom card and getting SOIFFIOC (sp?) errors about too many files open I can also use macchanger -r or the macchanger-gtk GUI and also change the address with no errors. The problem comes when I try to re-acquire my Buffalo AP. It will sit there scanning for a long while, eventually pop up the password screen (which I assume means it see's the new MAC) but then never connect. It just keeps popping up the password box again, and again. Should this just 'work', or do I need to do something in the Network Manager GUI where it lists the wireless networks? Right now there is just my original AP, Auto Connect, DHCP Automatic, and it lists the wlan0 card and the burned in MAC. I've also tried 'Cloning' from here, but again, no connection. Thanks in advance, P Edit: P.S. There is no MAC filtering on the router, and I've even tried clearing out the DHCP reservation for the old MAC/IP. _______________________________________________________________________________________________________________________________ Thanks, glad to be here. Been watching for years. PD Quote Link to comment Share on other sites More sharing options...
Sparda Posted December 22, 2011 Share Posted December 22, 2011 It's possible that new wireless card has it written in to the firmware to prevent using a fake mac address. It's impossible to say for certain, and I'm not familiar with that particular card, but it's a possibility. Have you tried it with another distro (e.g. Backtrack, yes I know the latest version is based off Ubuntu, but it's worth a shot)? have you tried it on another machine? Quote Link to comment Share on other sites More sharing options...
digip Posted December 23, 2011 Share Posted December 23, 2011 You don't have restrictions on your router for MAC filtering, do you? I don't know that it lets you(program should tell you but I haven't actually tried putting in an invalid mac), but you aren't physically using "ad:dr:es:sh:er:ex" as the mac address by any chance? If you are, then its going to fail.MAC address must be 0-9 and A-F. No s,h, and r's. Look up your cards real mac address, use the same first OID and just change the last bits. You can look up the OEM for your card online too. http://standards.ieee.org/develop/regauth/oui/oui.txt Quote Link to comment Share on other sites More sharing options...
PaulyD Posted December 23, 2011 Author Share Posted December 23, 2011 Thanks guys. Yes, I'm putting in a 'normal' MAC and filtering isn't active on the router. I haven't tried another distro, but I can try BackTrak on a Live CD. I haven't sniffed the packets (brand new to Linux, coming from Win7), can I do this from the terminal or do I need to install WireShark? I also got an Intel 6200 series card at the same time. I'm going to swap that in and try...and maybe drive down to Starbucks to test...could be my router (DD-WRT based Buffalo). I'll keep you posted. PD Quote Link to comment Share on other sites More sharing options...
digip Posted December 23, 2011 Share Posted December 23, 2011 Thanks guys. Yes, I'm putting in a 'normal' MAC and filtering isn't active on the router. I haven't tried another distro, but I can try BackTrak on a Live CD. I haven't sniffed the packets (brand new to Linux, coming from Win7), can I do this from the terminal or do I need to install WireShark? I also got an Intel 6200 series card at the same time. I'm going to swap that in and try...and maybe drive down to Starbucks to test...could be my router (DD-WRT based Buffalo). I'll keep you posted. PD If you we're you using macchanger in ubuntu originally then try Backtrack. Its already installed in backtrack, give that a go. If it works with backtrack, then maybe the ubuntu install didn't have latest drivers or compatibility with your hardware. Quote Link to comment Share on other sites More sharing options...
Malachai Posted December 26, 2011 Share Posted December 26, 2011 Or better yet use: macchanger -A (interface) Which will give you a mac address that follows those specifications and looks like its from a specific company using their oui... I always use the macchanger -r (interface) works for me. just remember to bring down the wlan0/or wlan1 and mon0 if your using it. then change your mac address. Quote Link to comment Share on other sites More sharing options...
Malachai Posted December 26, 2011 Share Posted December 26, 2011 -r is ok, however it makes it completely random and does not always produce a OUI which is credible. If you change your Mac your good, however I like to use the deception of it possibly being another hardware manufacturer first. Just a tip. It's true but if you're using it for a little while then it's good. Most Admin or other security people won't check the mac until it's to late. Just a thought.... Quote Link to comment Share on other sites More sharing options...
n1tr0g3n Posted January 18, 2012 Share Posted January 18, 2012 the -r option is nice...Funny I never even heard of that after all these years cracking wireless. damn you learn something every day Yeah like they said make sure your card is down and type these commands, the last command is to start airodump to scan for AP's but you'll probably want to specify a channel in the end to stop channel hopping and run these three commands service network-manager stop service avahi-daemon stop service upstart-udev-bridge stop or the sudo airmon-ng check kill command Assuming your interface is called "wlan1" type this in.. ifconfig wlan1 down macchanger -r wlan1 ifconfig wlan1 up airmon-ng start wlan1 airodump-ng mon0 Quote Link to comment Share on other sites More sharing options...
bobbyb1980 Posted January 18, 2012 Share Posted January 18, 2012 Here how I do it. airmon-ng start wlan0 channel x ifconfig mon0 down macchanger -m 00:11:22:33:44:55 mon0 iwconfig mon0 channel x ifconfig mon0 up Then I get on to cracking and this method works for me. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.