Breaking MAC Addressing Binding Security...

Protecting your Linux box

Postby shakeel_jee7 » Tue Dec 18, 2007 4:35 am

Assalam-o-Alaikum

Dear Fellows!

Please, I need your help with a problem.

I have a cable Net connection in my home. The problem is that they've done "MAC-Address binding" with the interface card provided, so now when I want to put the cable in my second PC, I won't be able to use the Internet. I can browse the network shares fine, but the Internet doesn't work then.

Please send me a solution to overcome this problem; I mean, how to overcome MAC address binding or forward the packets received by that interface to my other PC using another LAN card in the same PC.

I have the following scheme; understand it for reference:

1. The PC on which I use the Internet has two LAN cards. In one card, the cable Net is connected, which is bound (MAC address and the IP). I want to do NATing or some other way to forward those packages to the second LAN card in the same PC, so that card is connected to my second PC, and hence I can use the Internet on my second PC.

2. Note that I have different OS/hardware in my room, like Linux boxes (Ubuntu 7.10 Gutsy Gibbon, RHEL 4.0), Windows (XP and Vista) and Apple Macintosh PowerMac G4 (Mac OS X and Mac OS 9.2 Classic), so tell me any possible combination or configuration by which I can use the Internet on different PCs (or at least 2 PCs).

3. Can NATing with iptables help me in this regard?

Please solve this problem of mine; I will be very thankful to you people!
Thanking you in anticipation.
May Allah grant you a good reward (InshaAllah)
* * *
Shakeel Ahmed
Registered Linux User # 423792

"The Shortest Distance b/w a Problem & its solution, is distance between ur Knees & the Floor. The one who kneels to Allah can stand upto anything!!"
shakeel_jee7
Naik
 
Posts: 64
Joined: Sat Dec 04, 2004 6:30 pm
Location: Islamabad, Pakistan.

Postby mudasir » Tue Dec 18, 2007 9:53 am

AOA,

Dear Shakeel_jee7,

On the PC on which internet is working, simply enable IP_FORWARDING and Masquerade the outgoing interface.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
mudasir
Captain
 
Posts: 565
Joined: Tue Oct 17, 2006 5:23 am
Website: http://www.crystalnetworks.org
Location: Dubai

Postby ashariqbal » Tue Dec 18, 2007 10:37 am

MAC address spoofing is possible on most OS. Of course this is a major problem from the point of view of cable operators (there was a recent thread on this).
ashariqbal
Havaldaar
 
Posts: 105
Joined: Mon Jun 24, 2002 10:01 am
Location: Karachi

Postby x2oxen » Tue Dec 18, 2007 2:58 pm

There are two possible ways of doing so. Just make a mini server of your own and connect your 2nd PC to that, or else switch your second PC's MAC address to the same one to which they have bound you.
Muhammad Usman
+92-321-6640501
Chemonics International
http://usmanpk.com
x2oxen
Major General
 
Posts: 1114
Joined: Wed Aug 22, 2007 3:17 pm
Website: http://usmanpk.com
WLM: x2oxen@hotmail.com
Yahoo Messenger: x2oxen
Location: Faisalabad

Postby shakeel_jee7 » Wed Dec 19, 2007 3:04 am

x2oxen wrote:There are two possible ways of doing so. Just make a mini server of your own and connect your 2nd PC to that, or else switch your second PC's MAC address to the same one to which they have bound you.



Thank you, dear brother, for the solution. I knew this before. Now:

1. I think it is the better option for me, as I have at least 5-6 computers in my room (PCs, Macs, laptops). (By the way, my room is not an Internet cafe or public place, though; I have very much interest in different hardware.)
But please provide me a closer solution to my problem, and provide me some links where this type of problem is already solved, on any platform (Windows, Linux, Mac OS X).

2. If I choose the second option, then please tell me the software (cracked, registered or free) for Windows, Linux and Mac OS X which can change the MAC address of the LAN card.

Thank you very, very much for your cooperation.

Allah Hafiz
shakeel_jee7
Naik
 
Posts: 64
Joined: Sat Dec 04, 2004 6:30 pm
Location: Islamabad, Pakistan.

Postby shakeel_jee7 » Wed Dec 19, 2007 3:10 am

mudasir wrote:AOA,

Dear Shakeel_jee7,

On the PC on which internet is working, simply enable IP_FORWARDING and Masquerade the outgoing interface.



AA
Dear Mudassar bhai!
Can you please tell me closely the commands which I should follow to do that, or give me some links where this problem is solved?

(I am telling you another problem: when I connect my main PC, where the Internet works, to the other PC with another LAN card or any networking interface (wireless LAN, Ethernet LAN, or FireWire), then browsing immediately stops working, while network shares just work fine!)

Thanks for your cooperation.

Shakeel
shakeel_jee7
Naik
 
Posts: 64
Joined: Sat Dec 04, 2004 6:30 pm
Location: Islamabad, Pakistan.

Postby shakeel_jee7 » Wed Dec 19, 2007 3:13 am

ashariqbal wrote:MAC address spoofing is possible on most OS. Of course this is a major problem from the point of view of cable operators (there was a recent thread on this).



Dear Ashir Iqbal;

Can you please provide me the exact link?

Thanks
shakeel_jee7
Naik
 
Posts: 64
Joined: Sat Dec 04, 2004 6:30 pm
Location: Islamabad, Pakistan.

Postby mudasir » Wed Dec 19, 2007 1:58 pm

AOA,

Dear shakeel_jee7,

Follow the steps below. (Commands will only work on Linux, so Linux should be there on the Main INTERNET PC).

1. On the Main PC where internet is working you should have two LAN cards.

2. First LAN Card having your internet configuration connected to your INTERNET Network, and Second LAN Card should have any other Private IP Range (other than your Internet One).

3. Now boot your INTERNET PC in Linux, open rc.local (vi /etc/rc.local) and enter the following commands at the end of the file (considering eth0 to be the INTERFACE on the main INTERNET PC connected to the INTERNET).

Code:


/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -P OUTPUT ACCEPT

echo 1 > /proc/sys/net/ipv4/ip_forward

/sbin/iptables -t nat -A POSTROUTING -o eth0 -p all -s 0.0.0.0/0 -j MASQUERADE


4. Now SAVE rc.local and exit ( :wq ).
5. Now Reboot your PC and try internet on the other PC Connected to your main INTERNET PC.

Hope this should help you out.
mudasir
Captain
 
Posts: 565
Joined: Tue Oct 17, 2006 5:23 am
Website: http://www.crystalnetworks.org
Location: Dubai

Postby x2oxen » Wed Dec 19, 2007 2:06 pm

Shakeel, can you do anything on your own???
x2oxen
Major General
 
Posts: 1114
Joined: Wed Aug 22, 2007 3:17 pm
Website: http://usmanpk.com
WLM: x2oxen@hotmail.com
Yahoo Messenger: x2oxen
Location: Faisalabad

Postby shakeel_jee7 » Thu Dec 20, 2007 3:27 am

mudasir wrote:

Code:


/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -P OUTPUT ACCEPT

echo 1 > /proc/sys/net/ipv4/ip_forward

/sbin/iptables -t nat -A POSTROUTING -o eth0 -p all -s 0.0.0.0/0 -j MASQUERADE



Assalam-o-Alaikum;
Thanks, dear Mudassar, for your kindness. I have applied these rules in the rc.local file, but still the Internet is not working on the other PC.
I am sending you the shadow of my "rc.local" so that you can please see it; maybe I made a mistake in it.
Now, for reference, "eth2" is the interface on which the Internet works and "eth0" is the interface by which I connect my other PC to this system, which has IP address "192.168.0.1".

Now, according to your given scheme, I edited my "rc.local" file like this:

Code:

#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -P OUTPUT ACCEPT

echo 1 > /proc/sys/net/ipv4/ip_forward

/sbin/iptables -t nat -A POSTROUTING -o eth2 -p all -s 192.168.0.1/24 -j MASQUERADE

exit 0
"/etc/rc.local" 22 lines, 529 characters



Please help me out with this problem.
Once again thanks for your Help!

Shakeel
shakeel_jee7
Naik
 
Posts: 64
Joined: Sat Dec 04, 2004 6:30 pm
Location: Islamabad, Pakistan.

Postby mudasir » Thu Dec 20, 2007 5:26 am

AOA,

Dear shakeel_jee7,

Is this eth2 your interface on the PC on which the internet is working fine, and is this the interface through which the internet is working?
mudasir
Captain
 
Posts: 565
Joined: Tue Oct 17, 2006 5:23 am
Website: http://www.crystalnetworks.org
Location: Dubai

Postby shakeel_jee7 » Thu Dec 20, 2007 5:55 am

mudasir wrote:AOA,

Dear shakeel_jee7,

Is this eth2 your interface on the PC on which the internet is working fine, and is this the interface through which the internet is working?



Yes, dear, eth2 is the interface through which my main PC/server is connected to the Internet, and the interface by which I connect to the other PC is "eth0"!
shakeel_jee7
Naik
 
Posts: 64
Joined: Sat Dec 04, 2004 6:30 pm
Location: Islamabad, Pakistan.

Postby mudasir » Thu Dec 20, 2007 4:06 pm

AOA,

Dear Shakeel_jee7,

Follow the steps which I stated above and just replace the code that I wanted you to enter in the rc.local file with the code given below.

Code:

/sbin/iptables -F
/sbin/iptables -X
/sbin/iptables -t nat -F
/sbin/iptables -t nat -X

/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -P OUTPUT ACCEPT

echo 1 > /proc/sys/net/ipv4/ip_forward

/sbin/iptables -t nat -A POSTROUTING -o eth2 -p tcp -j MASQUERADE


And please check whether the IPTABLES service is started or not; if the service is not started, then please start the service and then implement the following code.

To check whether the service is started or not, use the following command:

ps aux | grep iptables

And to check at which runlevel it is being started, use the following command:

chkconfig --list | grep iptables

And if the service is not started at any runlevel use the following command to start the service automatically at runlevel 3,4 and 5.

chkconfig --level 345 iptables on

Hope this will help you out.
mudasir
Captain
 
Posts: 565
Joined: Tue Oct 17, 2006 5:23 am
Website: http://www.crystalnetworks.org
Location: Dubai
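
The gateway setup discussed in the posts above, as an added example that is not part of the original thread: `nat_rules` prints a ruleset that forwards only traffic originating on the LAN, and `lint_masq` reviews a MASQUERADE rule such as the ones posted. The function names are hypothetical; eth2 (Internet side), eth0 (LAN side) and 192.168.0.0/24 are assumptions taken from the thread's description.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.
# Assumed from the thread: eth2 = Internet side, eth0 = LAN side,
# 192.168.0.0/24 = LAN subnet.

# Print (do not execute) rules for a gateway that forwards only LAN traffic.
nat_rules() {
    wan=$1 lan=$2 net=$3
    cat <<EOF
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -F FORWARD
/sbin/iptables -t nat -F POSTROUTING
/sbin/iptables -P FORWARD DROP
/sbin/iptables -A FORWARD -i $lan -o $wan -s $net -j ACCEPT
/sbin/iptables -A FORWARD -i $wan -o $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -t nat -A POSTROUTING -o $wan -s $net -j MASQUERADE
EOF
}

# Review one MASQUERADE rule ($2) against the Internet-side interface ($1).
# Prints one finding per problem, or "ok"; returns 1 if anything was found.
lint_masq() {
    wan=$1 out='' proto=all found=0
    set -- $2                      # split the rule into words
    while [ $# -gt 0 ]; do
        case $1 in
            -o) out=${2:-} ;;
            -p) proto=${2:-} ;;
        esac
        shift
    done
    if [ "$out" != "$wan" ]; then
        echo "out-interface '$out' is not the Internet side ($wan)"; found=1
    fi
    if [ "$proto" != all ]; then
        echo "only $proto is masqueraded; other protocols leave with the private source address (with -p tcp that includes UDP DNS)"; found=1
    fi
    [ "$found" -eq 0 ] && echo ok
    return "$found"
}

# Demo: the generated ruleset, then the three MASQUERADE rules posted in the thread.
nat_rules eth2 eth0 192.168.0.0/24
for rule in \
    "-t nat -A POSTROUTING -o eth0 -p all -s 0.0.0.0/0 -j MASQUERADE" \
    "-t nat -A POSTROUTING -o eth2 -p all -s 192.168.0.1/24 -j MASQUERADE" \
    "-t nat -A POSTROUTING -o eth2 -p tcp -j MASQUERADE"
do
    lint_masq eth2 "$rule" || true
done
```

Loaded rules are inspected with `iptables -t nat -L -n -v` rather than `ps`, because iptables is a command that configures the kernel's packet filter, not a running process.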

Postby shakeel_jee7 » Fri Dec 21, 2007 4:45 am

Thank you, Mudassar bhai, very much for your help. You have given me much precious time.
But still my problem isn't solved. When I used the commands that you recently told me to put in the rc.local file and restarted the system, the Internet suddenly stopped on the main PC, and on the second PC it also didn't work!
(I've checked the rc.local, it is working, but the chkconfig command is not working.)

Code:

root@engineer-pc:/home/engineer# chkconfig --list | grep iptables
bash: chkconfig: command not found


Code:

root@engineer-pc:/home/engineer# ps aux | grep iptables
root     14827  0.0  0.0   5120   824 pts/0    S+   04:50   0:00 grep iptables

So, please, if you have any other solution besides MAC address spoofing: I have two software programs for MAC address spoofing for Windows, but I use Linux or Macintosh for the Internet. But MAC address is not a good solution to my problem. OK, if you have information about how to spoof a MAC address in Linux/Mac OS X, then please tell me.

Also, if you have any other solution like IP forwarding and masquerading, then please tell me.

Thanks in advance!

Shakeel
shakeel_jee7
Naik
 
Posts: 64
Joined: Sat Dec 04, 2004 6:30 pm
Location: Islamabad, Pakistan.

