:Hidden MAC address (for PC):

MAC addresses are most often assigned by the manufacturer of a network interface card (NIC) and are stored in its hardware, such as the card's read-only memory or some other firmware mechanism. If assigned by the manufacturer, a MAC address usually encodes the manufacturer's registered identification number and may be referred to as the burned-in address. It may also be known as an Ethernet hardware address (EHA), hardware address or physical address. :Secure download here: http://download.cnet.com/Technitium-MAC-Address-Changer/3000-2085_4-10554920.html?tag=mncol;2 (if required;- most recent update - http://blog.technitium.com/2012/01/technitium-mac-address-changer-v602.html ) -----------------------------------------------------------------------------------------------------------------------Technitium MAC Address Changer allows you to change Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine. Every NIC has a MAC address hard coded in its circuit by the manufacturer. This hard coded MAC address is used by windows drivers to access Ethernet Network (LAN). This tool can set a new MAC address to your NIC, bypassing the original hard coded MAC address. Technitium MAC Address Changer is a must tool in every security professionals tool box.

----------------------------------------------------------------------------------------------------------------------Read more: Technitium MAC Address Changer - CNET Download.com http://download.cnet.com/Technitium-MAC-Address-Changer/3000-2085_4-10554920.html#ixzz2QLtT8HcB If you got prompted with this message:- "Failed to change MAC address. For wireless network connections, set the first octet of MAC address as '02' and try again"... dont freak out, this can be solved. 1. How to change MAC address of an Network Interface Card (NIC) First, select the Network Connection for which you want to change the MAC address. Find the Change MAC Address frame in the Information tab below and enter a new MAC address in hexadecimal format in the special text box provided. You may click the Random MAC Address button to generate a random MAC address from the available list of manufacturers. You may also select a

particular Vendor/Manufacturer from the drop down list to get a random MAC address for the selected vendor. After entering a MAC address select the "Automatically restart network connection to apply changes" check box if you want to restart the network connection. Not checking "Make new MAC address persistent" check box would change the NIC MAC address to original when the computer restarts or the NIC is disabled. You may want check the "Use '02' as first octet of MAC address" checkbox for resolving WiFi network adapters issues (read this for more details). Click the Change Now! button to apply the new MAC address.

(TMAC) is unable to change MAC address of many wireless network adapters on Windows Vista and above This issue is observed only on wifi adapters, while you can change the MAC address on Ethernet adapters without any fuss. This tells that the network adapter drivers are actually preventing users from changing MAC address. A simple workaround would let you change MAC address on most wifi adapters if you want to just make sure your original MAC address is not exposed. You just have to set the first octet of MAC address to "02", instead on what normally is "00". Setting first octet "02" actually sets the b2 bit indicating that the MAC address is locally administered. Looking at this MAC address thus indicates that the MAC address is changed by local machine administrator. But, its still good if you just want to hide your original MAC address instead of spoofing someone's MAC address. If this dose not work, seek a newer update. -----------------------------------------------------------------------------------------------------------------------Other Tips: :How to change MAC address back to the original MAC address of NIC? : To change MAC address back to the original MAC address of the NIC, just click the Restore Original button in the Change MAC Address frame that you have on the Information tab.

:How to Enable/Disable an Network Connection? : Select the Network Connection from the list for which you want to perform the required operation and check/uncheck the list box to enable/disable the network connection.

:How do I refresh the Network Connection list? : To refresh the Network Connection list, Click Options menu and click the Refresh menu item. You can also do this task by pressing F5 key.

:How can I add/remove an IP address? : Just right click on the IPv4/IPv6 address list box and to get context menu. Click the Add IP menu item to get a new window. Enter the IP address details and click Add IP. If you click on the IP address list and start typing a new IP address, the IP address editor window will appear automatically saving time. To remove an IP address, select the IP address from the list and press Delete key on your keyboard or you can right click on the listbox use click Remove IP from the context menu.

:How do I add/remove an Gateway? : Just right click on the IPv4/IPv6 gateway list box and to get context menu. Click on the Add Gateway menu item to get a new window. Enter Gateway details and click Add Gateway. If you click on the Gateway list and start typing a new Gateway IP address, the Gateway IP address editor window will appear automatically saving time. To remove an Gateway, select the Gateway IP address from the list and press Delete key on your keyboard or you can right click on the listbox use click Remove Gateway from the context menu.

:How do I add/remove an DNS Server IP Address? : Just right click on the IPv4/IPv6 DNS list box and to get context menu. Click on the Add DNS Server menu item to get a new window. Enter DNS Server details and click Add DNS. If you click on the DNS Server list and start typing a new DNS Server IP address, the DNS Server IP address editor window will appear automatically saving time. To remove a DNS Server IP, select the DNS Server IP address from the list and press Delete key on your keyboard or you can right click on the listbox use click Remove DNS Server from the context menu.

:How can I change DNS Servers priority: Just right click on the IPv4/IPv6 DNS list box and to get context menu. Click on the Move Up/Move Down menu item to change priority. The top most DNS Server IP address has highest priority while the bottom most has the least. You can even hold the CTRL key on your keyboard in combination with the UP and DOWN navigation keys to perform the above operations.

:How to enable/disable DHCP on an Network Connection? : Select the Network Connection on which you want to enable/disable DHCP and click the Action > DHCPv4 > DHCPv4 Enable menu item. For DHCPv6 use the Action > DHCPv6 > DHCPv6 Enable menu item. Note, all the previous IP and Gateway settings will be deleted when DHCP is enabled/disabled. Hence you are recommended to

create Configuration Preset for the connection before performing the operation as in case you wish to revert changes.

:How to Release IP and Renew IP lease for selected connection? : Select the Network Connection on which you want to Release IP/Renew IP lease and click the Action > DHCPv4 > Release IP/Renew IP menu item. For DHCPv6 use the Action > DHCPv6 > Release IP/Renew IP menu item. Note, TMAC will not respond till the operation selected is finished or it has timed out.

:How to create/modify/delete an Configuration Preset? : Click on the Presets tab to get the list of saved presets on the left list box and details of the selected preset on the right list box. To create new preset, just click on the New button below the presets list box to get a new window. Select the options you want to include in the preset with appropriate values and click Save. To edit/modify existing preset, just select the preset and click edit or just double click on it to get a new window with the preset details to edit. To delete preset, select all the presets you want to delete from the list box and click delete button or just press delete on your keyboard.

:How to apply an Configuration Preset? : Click on the Presets tab to get the list of saved presets on the left list box and details of the selected preset on the right list box. Select the adapter from the network connections list box, select the preset in the preset list box and click Apply button to apply the selected preset on the selected network connection. ____________________________________________________________________________ MAC flooding:

MAC addresses are most often assigned by the manufacturer of a network interface card (NIC) and are stored in its hardware, such as the card's read-only memory or some other firmware mechanism. If assigned by the manufacturer, a MAC address usually encodes the manufacturer's registered identification number and may be referred to as the burned-in address. It may also be known as an Ethernet hardware address (EHA), hardware address or physical address. In computer networking, MAC flooding is a technique employed to compromise the security of network switches. Switches maintain a MAC Table that maps individual MAC addresses on the network to the physical ports on the switch. This allows the switch to direct data out of the physical port where the recipient is located, as opposed to indiscriminately broadcasting the data out of all ports as a hub does. The advantage of this method is that data is bridged exclusively to the network segment containing the computer that the data is specifically destined for.

In a typical MAC flooding attack, a switch is fed many Ethernet frames, each containing different source MAC addresses, by the attacker. The intention is to consume the limited memory set aside in the switch to store the MAC address table.[1] The effect of this attack may vary across implementations, however the desired effect (by the attacker) is either for legitimate MAC addresses to be forced out of the MAC address table causing significant quantities of incoming frames to be flooded out on all ports. It is from this flooding behavior that the MAC flooding attack gets its name, and it is this behavior which allows the MAC flooding attack to be used as more than a simple denial-of-service attack against the switching infrastructure. After launching a successful MAC flooding attack, a malicious user could then use a packet analyzer to capture sensitive data being transmitted between other computers, which would not be accessible were the switch operating normally. The attacker may also follow up with an ARP spoofing attack which will allow them to retain access to privileged data after switches recover from the initial MAC flooding attack.

Counter measures To prevent MAC flooding attacks, network operators usually rely on the presence of one or more features in their network equipment: With a feature often called "port security" by vendors, many advanced switches can be configured to limit the number of MAC addresses that can be learned on ports connected to end stations. A smaller table of "secure" MAC addresses is maintained in addition to (and as a subset to) the traditional "MAC address table." Many vendors allow discovered MAC addresses to be authenticated against an authentication, authorization and accounting (AAA) server and subsequently filtered. Implementations of IEEE 802.1X suites often allow packet filtering rules to be installed explicitly by an AAA server based on dynamically learned information about clients, including the MAC address. Security features to prevent ARP spoofing or IP address spoofing in some cases may also perform additional MAC address filtering on unicast packets, however this is an implementation-dependent side-effect. Additional security measures are sometimes applied along with the above to prevent normal unicast flooding for unknown MAC addresses. This feature usually relies on the "port security" feature to retain all "secure" MAC addresses for at least as long as they remain in the ARP table of layer 3 devices. Hence, the aging time of learned "secure" MAC addresses is separately adjustable. This feature prevents packets from flooding under normal operational circumstances, as well as mitigating the effects of a MAC flood attack. -----------------------------------------------------------------------------------------------------------------------------------MAC Address Spoofing: The attacker generally desires to be hidden. But the probing activity injects frames that are observable by system administrators. The attacker fills the Sender MAC Address field of the injected frames with a spoofed value so that his equipment is not identified. Typical APs control access by permitting only those stations with known MAC addresses. Either the attacker has to compromise a computer system that has a station, or he spoofs with legitimate MAC addresses in frames that he manufactures. MAC addresses are assigned at the time of manufacture, but setting the MAC address of a wireless card or AP to an arbitrary chosen value is a simple matter of invoking an appropriate software tool that engages in a dialog with the user and accepts values. Such tools are routinely included when a station or AP is purchased. The attacker, however, changes the MAC address programmatically, sends several frames with that address, and repeats this with another MAC address. In a period of a second, this can happen several thousand times. When an AP is not filtering MAC addresses, there is no need for the attacker to use legitimate MAC addresses. However, in certain attacks, the attacker needs to have a large number of MAC addresses than he could collect by sniffing. Random MAC addresses are generated. However, not every random sequence of six bytes is a MAC address. The IEEE assigns globally the first three bytes, and the manufacturer chooses the last three bytes. The officially assigned numbers are publicly available. The attacker generates a random MAC address by selecting an IEEE-assigned three bytes appended with an additional three random bytes. and

Defeating MAC Filtering Typical APs permit access to only those stations with known MAC addresses. This is easily defeated by the attacker who spoofs his frames with a MAC address that is registered with the AP from among the ones that he collected through sniffing. That a MAC address is registered can be detected by observing the frames from the AP to the stations.