Situatie
Every network interface has a unique MAC address, set by the manufacturer. It’s how network connections identify connection endpoints. On Linux, you can permanently change a MAC address if you want.
Solutie
A MAC address is a unique code used to identify by networks to identify devices as connection endpoints. It answers the critical question of “who’s who” among network interfaces.Every piece of network equipment has at least one network interface built into it. A desktop computer or a server may have multiple network cards installed in them. Many laptops are supplied with a CAT5 network socket and a Wi-Fi card, giving you two network interfaces straight out of the box.
Every network interface has a unique, baked-in identifier. Regardless of the network protocol that is used to communicate with that device, at the lowest level, the connection is identified by its media access control, or MAC, address. That’s why they have to be unique. Making your network interface use a different MAC address is called spoofing.
A MAC address is made up of six hexadecimal numbers. They’re written with a colon “:” or a hyphen “-” between each of the six numbers. Here’s a MAC address from one of our test computers.
b0:c0:90:58:b0:72
Most often, the first three numbers are an organizationally unique identifier, representing the hardware manufacturer. You can decode the OUI using the Wireshark Manufacturer Lookup page. Note that this may be the manufacturer of your computer’s motherboard, network card, or Wi-Fi card. Manufacturers buy in many of the components of their computers and assemble them into the finished item, so don’t be surprised if it is different than the manufacturer of your computer.
Because MAC addresses are built-in, you can’t really change them. What you can do is configure your Linux system so that it pretends to have a different MAC address. As far as any other device on the network is concerned, the MAC address of your computer is the one it broadcasts, so the end result is the same.
Finding Your MAC Address
To find out your current MAC Address, you can use the ip
command with the link
object. This will list your network interfaces, whether they are in use or disconnected the network.
ip link
This computer is a laptop with an active Wi-Fi connection, wlan0
, and a wired Ethernet connection, enp3s0
. The wired connection isn’t plugged in, so it is inactive. The laptop also has the default loopback connection, lo
, configured.
Use macchanger to Change Your Linux MAC Address
The macchanger
utility allows you to change the MAC address of a network interface with flexible options. You can set a specific MAC address or use a random MAC address. You can also get a new MAC address that uses the same three OUI bytes as your hardware, so that the network interface manufacturer stays the same.
Installing macchanger
To install macchanger
on Ubuntu, use this command:
sudo apt install macchanger
To install macchanger
on Fedora, you need to type:
sudo dnf install macchanger
On Manjaro, the command is:
sudo pacman -S macchanger
Depending on the version of macchanger
that is in your distribution’s repositories, you may see a screen asking you whether you want to have a new MAC address created every time a network connection is brought online. That is, when you connect an Ethernet cable or enable Wi-Fi.
Use the arrow keys to move the highlight to the option you wish to use, and press “Enter.”
There is some convenience to this method, but we’re going to select “No”. We want to have some control over the MAC addresses we’re using. Also, you may not want to change the MAC address on every network interface that your computer has. Perhaps you only want to change it on your Wi-Fi card, for example.
Using macchanger to Temporarily Change a MAC Address
You can’t reset the MAC address on a network interface that is in use. We can change the MAC address of our Ethernet connection because it isn’t connected, so it is inactive.
The -r
(random) option generates a completely random MAC address. We need to pass the name of the network interface we want to set the MAC address on.
sudo macchanger -r enp3s0
The MAC address that was in use was the same as the underlying hardware MAC address, or permanent MAC address. The new MAC address is shown at the bottom.
We can change the Wi-Fi card’s MAC address too, if we bring down the Wi-Fi adapter, change the MAC address, then enable the Wi-Fi adapter.
sudo networkctl down wlan0
sudo macchanger -r wlan0
sudo networkctl up wlan0
If you don’t want a random MAC address, you can use the -m
(MAC address option) and specify a MAC address in colon “:” format, in lowercase hexadecimal.
sudo macchanger -m ae:f9:9b:31:40:c0 enp3s0
How to Permanently Change a MAC Address
That’s all nice and simple, but it doesn’t survive a reboot.
We can achieve that however, by using a systemd
unit file. We’ll get macchanger
to give our laptop new MAC addresses for its Ethernet and Wi-Fi interfaces each time it boots.
We’re going to use the -e
(ending) option so that the MAC address is changed but the three OUI bytes remain the same.
That means our spoofed MAC address will appear to belong to hardware manufactured by the same companies that made our actual Ethernet and Wi-Fi hardware. This will avoid problems with any routers, firewalls, or switches that reject packets that don’t come from hardware with a recognized manufacturer.
We’re going to create two services. There’ll be one for the Ethernet connection, and one for the Wi-Fi connection. A single unit file will act as a template for each service. To create our unit file, we need to use sudo
and edit a file with the base name we want our services to have. The at sign “@” sign in the file name is replaced by the name of the network connection when the service is launched, as we’ll see.
We’re calling our unit file “macspoof@.service” because it spoofs MAC addresses.
sudo gedit /etc/systemd/system/macspoof@.service
Copy this text into your unit file, save your file, and close your editor.
[Unit] Description=Spoofing MAC address on %I Wants=network-pre.target Before=network-pre.target BindsTo=sys-subsystem-net-devices-%i.device After=sys-subsystem-net-devices-%i.device [Service] ExecStart=/usr/bin/macchanger -e %I Type=oneshot [Install] WantedBy=multi-user.target
We need to create a service for each of our connections. We do this by adding the name of the network interface behind the at sign “@” in the unit name. We’ll do our Ethernet connection first:
sudo systemctl enable macspoof@enp3s0.service
And we’ll do the same thing for our Wi-Fi connection.
sudo systemctl enable macspoof@wlan0.service
After rebooting our laptop, we can use macchanger
to see what our current MAC addresses are. Note we don’t need to use sudo
because we’re only using macchanger
to report on the MAC address settings, and not to change them.
macchanger enp3s0
macchanger wlan0
This shows us the currently active, spoofed, MAC addresses on our two network interfaces, and their original MAC addresses.
Because we used the -e
(ending) option in our unit file, the first three bytes of the spoofed addresses are the same as the first three bytes of the original MAC addresses.
Permanently Changing a MAC Address with GNOME
Most desktop environments allow you to set a new MAC address. In GNOME you can do this by opening “Settings” and selecting either “Wi-Fi” or “Network” from the sidebar.
- Click the cogged wheel icon next to the connection you wish to set a MAC address for, and select the “Identity” tab.
- You can enter a new MAC address in the “MAC Address” field, or select the genuine MAC address from the drop-down menu.
The “Cloned Address” drop-down menu lets you select from:
- Preserve: Keep the MAC address at boot-time. Don’t change from the set MAC address.
- Permanent: Use the genuine hardware MAC address.
- Random: Generate a random MAC address.
- Stable: Generate a stable, hashed MAC address. Every time the connection activates, the same fake MAC address is used. This can be useful in cases where you want to hide your hardware MAC address, but you need to get the same IP address from a DHCP router.
Your changes will take place when you reboot, or turn the connection off and on again.
Leave A Comment?