Breaking MAC Addressing Binding Security...
-
- Naik
- Posts: 64
- Joined: Sat Dec 04, 2004 6:30 pm
- Location: Islamabad, Pakistan.
Breaking MAC Addressing Binding Security...
Assalam-o-Alaikum
Dear Fellows!
Please I need your help in a problem.
I have cable Net connection in my home. The problem is that, they've done "MAC-Address binding" with the Interface card provided, now When I want to put cable in my second PC, I wont able to use the Internet. I just Browse the Network Shares fine, but Internet doesn't work then.
Please send me a solution to overcome this problem, I means, How to overcome MAC address binding or Forward the Packets received by that Interface to my other PC using another Lan card in the same PC.
I have the Following Scheme: Uderstand it for reference:
1. The PC in which I use internet has two LAN cards. In one card, the Cable Net is connected which is Binded, (MAC address and the IP), I want to do NATing or some other way to forward those packages to the Second LAN card in the same PC, so that card is connected to my Second PC, and hence, I can use the Internet on my second PC.
2. Note that I Different OS/Hardware in my Room, like Linux Box (Ubuntu 7.10 Gutsy Gibbon, RHEL 4.0) Windows (XP and Vista) and Apple Machintosh PowerMac G4 (Mac OS X and Mac OS 9.2 Classic), so tell me any Possible combination or configuration by which I use Internet on different PCs (Or Atleast 2 PCs)
3. Can NATing with iptables help me in this regard?
Please solve my this problem, I will be very thankful to you people!
Thanking you in Anticipation.
Allah ap ko Jaza-e-Khair de ga (InshaAllah)
Dear Fellows!
Please I need your help in a problem.
I have cable Net connection in my home. The problem is that, they've done "MAC-Address binding" with the Interface card provided, now When I want to put cable in my second PC, I wont able to use the Internet. I just Browse the Network Shares fine, but Internet doesn't work then.
Please send me a solution to overcome this problem, I means, How to overcome MAC address binding or Forward the Packets received by that Interface to my other PC using another Lan card in the same PC.
I have the Following Scheme: Uderstand it for reference:
1. The PC in which I use internet has two LAN cards. In one card, the Cable Net is connected which is Binded, (MAC address and the IP), I want to do NATing or some other way to forward those packages to the Second LAN card in the same PC, so that card is connected to my Second PC, and hence, I can use the Internet on my second PC.
2. Note that I Different OS/Hardware in my Room, like Linux Box (Ubuntu 7.10 Gutsy Gibbon, RHEL 4.0) Windows (XP and Vista) and Apple Machintosh PowerMac G4 (Mac OS X and Mac OS 9.2 Classic), so tell me any Possible combination or configuration by which I use Internet on different PCs (Or Atleast 2 PCs)
3. Can NATing with iptables help me in this regard?
Please solve my this problem, I will be very thankful to you people!
Thanking you in Anticipation.
Allah ap ko Jaza-e-Khair de ga (InshaAllah)
* * *
Shakeel Ahmed
Registered Linux User # 423792
"The Shortest Distance b/w a Problem & its solution, is distance between ur Knees & the Floor. The one who kneels to Allah can stand upto anything!!"
Shakeel Ahmed
Registered Linux User # 423792
"The Shortest Distance b/w a Problem & its solution, is distance between ur Knees & the Floor. The one who kneels to Allah can stand upto anything!!"
AOA,
Dear Shakeel_jee7,
On the PC on which internet is working, simply enable IP_FORWARDING and Masquerade the outgoing interface.
Dear Shakeel_jee7,
On the PC on which internet is working, simply enable IP_FORWARDING and Masquerade the outgoing interface.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
-
- Havaldaar
- Posts: 105
- Joined: Mon Jun 24, 2002 10:01 am
- Location: Karachi
-
- Naik
- Posts: 64
- Joined: Sat Dec 04, 2004 6:30 pm
- Location: Islamabad, Pakistan.
x2oxen wrote:there are two possible ways for doing so.. Just make a miniserver of your own and connect your 2nd pc with that or else switch your second pc mac address to the same one on which they have bind you.
Thank you dear Brother for the Solution: I know this before, Now;
1. I think it is better option for me as I have at least 5-6 computers in my room (PCs, MACs, Laptops) (By the way, My Room is not Internet Cafe or Public place, though, I have very much Interest in Different hardwares....)
But please provide me Closer solution to my problem, and provide me some links where this type of problem is already solved, in any Plateform (Windows, Linux, Mac OS X).
2. If I choose second option, then PLease tell me the softwares (Cracked, Registered or Free) for Windows, Linux and Mac OS X, which can change the MAC address of the LAN card.
Thankyou very very much for your cooperation.....
Allah Hafiz
* * *
Shakeel Ahmed
Registered Linux User # 423792
"The Shortest Distance b/w a Problem & its solution, is distance between ur Knees & the Floor. The one who kneels to Allah can stand upto anything!!"
Shakeel Ahmed
Registered Linux User # 423792
"The Shortest Distance b/w a Problem & its solution, is distance between ur Knees & the Floor. The one who kneels to Allah can stand upto anything!!"
-
- Naik
- Posts: 64
- Joined: Sat Dec 04, 2004 6:30 pm
- Location: Islamabad, Pakistan.
mudasir wrote:AOA,
Dear Shakeel_jee7,
On the PC on which internet is working, simply enable IP_FORWARDING and Masquerade the outgoing interface.
AA
Dear Mudassar bhai!
Can you please tell me closely the commands which i follow, to do that, or give me some links, where this problem is solved.
(I am telling you another problem; When I Connect my main PC where internet works, to the other PC with other LAN card or any Networking Interface (Wireless LAN, Ethernet LAN, or Firewire) then Browsing Immediately stops working, while Network Shares, just work fine!!!)
Thanks for your Cooperation.....
Shakeel
* * *
Shakeel Ahmed
Registered Linux User # 423792
"The Shortest Distance b/w a Problem & its solution, is distance between ur Knees & the Floor. The one who kneels to Allah can stand upto anything!!"
Shakeel Ahmed
Registered Linux User # 423792
"The Shortest Distance b/w a Problem & its solution, is distance between ur Knees & the Floor. The one who kneels to Allah can stand upto anything!!"
-
- Naik
- Posts: 64
- Joined: Sat Dec 04, 2004 6:30 pm
- Location: Islamabad, Pakistan.
ashariqbal wrote:MAC address spoofing is possible on most OS. Of course this is a major problem from the point of view of cable operators (there was a recent thread on this).
Dear Ashir Iqbal;
Can you please provide me the exact link???
Thanx
* * *
Shakeel Ahmed
Registered Linux User # 423792
"The Shortest Distance b/w a Problem & its solution, is distance between ur Knees & the Floor. The one who kneels to Allah can stand upto anything!!"
Shakeel Ahmed
Registered Linux User # 423792
"The Shortest Distance b/w a Problem & its solution, is distance between ur Knees & the Floor. The one who kneels to Allah can stand upto anything!!"
AOA,
Dear shakeel_jee7,
Follow the steps below. (Commands will only work on Linux, so Linux should be there on the Main INTERNET PC).
1. On the Main PC where internet is working you should have two LAN cards.
2. First LAN Card having your internet configuration connected to your INTERNET Network, and Second LAN Card should have any other Private IP Range (other than your Internet One).
3. Now boot your INTERNET PC in Linux and open rc.local (vi /etc/rc.local) and enter following commands at the end of the file.(considering eth0 to be the INTERFACE on main INTERNET PC connected to INTERNET)
4. Now SAVE rc.local and exit ( :wq ).
5. Now Reboot your PC and try internet on the other PC Connected to your main INTERNET PC.
Hope this should help you out.
Dear shakeel_jee7,
Follow the steps below. (Commands will only work on Linux, so Linux should be there on the Main INTERNET PC).
1. On the Main PC where internet is working you should have two LAN cards.
2. First LAN Card having your internet configuration connected to your INTERNET Network, and Second LAN Card should have any other Private IP Range (other than your Internet One).
3. Now boot your INTERNET PC in Linux and open rc.local (vi /etc/rc.local) and enter following commands at the end of the file.(considering eth0 to be the INTERFACE on main INTERNET PC connected to INTERNET)
Code: Select all
/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -P OUTPUT ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -t nat -A POSTROUTING -o eth0 -p all -s 0.0.0.0/0 -j MASQUERADE
5. Now Reboot your PC and try internet on the other PC Connected to your main INTERNET PC.
Hope this should help you out.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
-
- Naik
- Posts: 64
- Joined: Sat Dec 04, 2004 6:30 pm
- Location: Islamabad, Pakistan.
Assalm-o-Alikum;mudasir wrote:Code: Select all
/sbin/iptables -P INPUT ACCEPT /sbin/iptables -P FORWARD ACCEPT /sbin/iptables -P OUTPUT ACCEPT echo 1 > /proc/sys/net/ipv4/ip_forward /sbin/iptables -t nat -A POSTROUTING -o eth0 -p all -s 0.0.0.0/0 -j MASQUERADE
Thanks Dear Mudassar for your kindness. I have applied these rules in rc.local file but still Internet is not working on the other PC.
I am sending you the shadow of my "rc.local", so that you please see it, May I did any mistake in it.
Now; for reference, "eth2" is the interface on which Internet works and "eth0" is the Interface, by which I connect my Other PC to this system which has IP address "192.168.0.1".
Now According to your given scheme, I edited my "rc.local" file like this:
Code: Select all
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -P OUTPUT ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -t nat -A POSTROUTING -o eth2 -p all -s 192.168.0.1/24 -j MASQUERADE
exit 0
"/etc/rc.local" 22 lines, 529 characters
Please Help me out this problem.
Once again thanks for your Help!
Shakeel
* * *
Shakeel Ahmed
Registered Linux User # 423792
"The Shortest Distance b/w a Problem & its solution, is distance between ur Knees & the Floor. The one who kneels to Allah can stand upto anything!!"
Shakeel Ahmed
Registered Linux User # 423792
"The Shortest Distance b/w a Problem & its solution, is distance between ur Knees & the Floor. The one who kneels to Allah can stand upto anything!!"
AOA,
Dear shakeel_jee7,
Is this eth2 your interface on the PC on which internet is working fine, and is this the interface through which internet is working.
Dear shakeel_jee7,
Is this eth2 your interface on the PC on which internet is working fine, and is this the interface through which internet is working.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
-
- Naik
- Posts: 64
- Joined: Sat Dec 04, 2004 6:30 pm
- Location: Islamabad, Pakistan.
mudasir wrote:AOA,
Dear shakeel_jee7,
Is this eth2 your interface on the PC on which internet is working fine, and is this the interface through which internet is working.
Yes, Dear, eth2 is the Interface, through which my main PC/Server is connected to Internet and the Interface by which I connect to other PC is "eth0"!
* * *
Shakeel Ahmed
Registered Linux User # 423792
"The Shortest Distance b/w a Problem & its solution, is distance between ur Knees & the Floor. The one who kneels to Allah can stand upto anything!!"
Shakeel Ahmed
Registered Linux User # 423792
"The Shortest Distance b/w a Problem & its solution, is distance between ur Knees & the Floor. The one who kneels to Allah can stand upto anything!!"
AOA,
Dear Shakeel_jee7,
Follow the steps which i stated above and just replace the code that i wanted you to enter in rc.local file with the code gived below.
And Please check wheather the IPTABLES service is started or not, if the service is not started then please start the service then implement the following code.
To check wheather the service is started ir not use the following command
ps aux | grep iptables
And to check at which runlevel it is being started use the following command.
chkconfig --list | grep iptables.
And if the service is not started at any runlevel use the following command to start the service automatically at runlevel 3,4 and 5.
chkconfig --level 345 iptables on
Hope this will help you out.
Dear Shakeel_jee7,
Follow the steps which i stated above and just replace the code that i wanted you to enter in rc.local file with the code gived below.
Code: Select all
/sbin/iptables -F
/sbin/iptables -X
/sbin/iptables -t nat -F
/sbin/iptables -t nat -X
/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -P OUTPUT ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -t nat -A POSTROUTING -o eth2 -p tcp -j MASQUERADE
To check wheather the service is started ir not use the following command
ps aux | grep iptables
And to check at which runlevel it is being started use the following command.
chkconfig --list | grep iptables.
And if the service is not started at any runlevel use the following command to start the service automatically at runlevel 3,4 and 5.
chkconfig --level 345 iptables on
Hope this will help you out.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
-
- Naik
- Posts: 64
- Joined: Sat Dec 04, 2004 6:30 pm
- Location: Islamabad, Pakistan.
Thankyou Mudassar bhai, very much for your Help. You have given me much precious time.
But Still my problem didn't solve. When I use the Commands, that you recently told me to put in rc.local file, and restarted the system, the Internet suddenly did stop in the main PC as well as, in the Second PC, it also didn't work!
(I've checked the rc.local, it is working, But chkconfig command is not working)
So, plz if you have any other solution, besides MAC address spoofing, I have two softwares for MAC address spoofing for Windows, but I use Linux or Machintosh for Internet, But MAC address is not a good solution to my problem. OK, If you have information about How to Spoof MAC address in Linux/MAC OS X, then Please tell me.
Also if you have any other solution like IP Forwarding and Masquerading, then please tell me.
Thanx in Advance!
Shakeel
But Still my problem didn't solve. When I use the Commands, that you recently told me to put in rc.local file, and restarted the system, the Internet suddenly did stop in the main PC as well as, in the Second PC, it also didn't work!
(I've checked the rc.local, it is working, But chkconfig command is not working)
Code: Select all
root@engineer-pc:/home/engineer# chkconfig --list | grep iptables
bash: chkconfig: command not found
Code: Select all
root@engineer-pc:/home/engineer# ps aux | grep iptables
root 14827 0.0 0.0 5120 824 pts/0 S+ 04:50 0:00 grep iptables
Also if you have any other solution like IP Forwarding and Masquerading, then please tell me.
Thanx in Advance!
Shakeel
* * *
Shakeel Ahmed
Registered Linux User # 423792
"The Shortest Distance b/w a Problem & its solution, is distance between ur Knees & the Floor. The one who kneels to Allah can stand upto anything!!"
Shakeel Ahmed
Registered Linux User # 423792
"The Shortest Distance b/w a Problem & its solution, is distance between ur Knees & the Floor. The one who kneels to Allah can stand upto anything!!"