Cloning Interfaces

penguinHugger · 01-01-2009, 09:43 AM

I was recently using wlanconfig to create and destroy virtual wireless interfaces on my pc. How can I do the same thing with Ethernet devices?

Thanks :-)

bye.

raymor · 01-01-2009, 04:09 PM

Are you having some difficulty that you need more information
about, or are you simply looking for the instructions?
For instructions which apply to any most Linux distribution,
because they involve working at the command line, see any
of the first four results in Google for "create linux virtual interface",

Let's say you want to use the GUI tool. For example, in Fedora
you'd click System - Administration - Network. If you're looking
for someone to tell you what menu it's under like that, you'd
have to search for or ask about your specific distribution, as
each has different GUI tools. (Though several are almost
identical since they are based on Fedora, for example).

penguinHugger · 01-01-2009, 06:05 PM

I tried googleing it, but everything I found involved a static IP, but I need DHCP. I am writing a script that changes my MAC address every few minutes. But I am having a problem with the interface either, not coming all the way down, or not comming down correctly before the MAC gets changed and the interface is brought back up. This results in my IP being increased by 1 each time. I want to make two virtual devices so that I can keep an interface up at all times, thus, preventing packet loss, and fix the IP problem.

Thanks for any help you can provide

bye.

P.S. I love the command line and for my script need commands, not a GUI.

P.P.S. I am using the program 'macchanger' to change the MAC address.

legine · 01-02-2009, 01:53 AM

what the heck??

Why would anyone bother with mac addresses?

man ifconfig should be your friend.

and you should wait for the device properly shut down, something like sleep 3 or something. I guess.

ofc such a step will cause lag on your internet device, which brings the question back why would anybody wishes to change its mac address but then, scream for a ip address throughout the LAN network?

Well have fun!!

boomy · 01-02-2009, 02:43 AM

Read something about the osi layers, then you understand what to do.
you've got 1 physical interface, so one layer 2 connection.
on top of this, you want multiple layer 3 "interfaces" / IP addresses.
Google your way with this info for commands how to do it.

in the end:
#arp -a
Your arp table will show you 1 mac address with multile IP addresses.

penguinHugger · 01-02-2009, 09:55 AM

I'm not using the script to create multiple interfaces, I'm trying to create multiple interfaces for the script. I've tried using a sleep, but it doesn't work. The script goes something like this:

Code:

#!/bin/bash

while [ 1 ];
do
ifdown eth0;
sleep 5;
macchanger -r eth0;
ifup eth0;
sleep 120;
done

The purpose of the script is to add a little bit of anonymity and to keep me constantly moving on the network, (every 2 minutes).

P.S. Durring the writing of this post the script has somehow started working. Thank you for your time and effort. ;-)

P.P.S. If you have any need, please feel free to copy the script and use it for your own purposes.

Thank You

bye.

jerryshenk · 01-02-2009, 11:48 AM

That's gonna go through 30 IP addresses an hour. That will probably result in a DHCP pool exhaustion. Of course, this is going to mess up IP connectivity from that computer.

boomy · 01-02-2009, 12:19 PM

Why would you need every 2 minutes a new mac address?
I hope you understand that if you do a dhcp request, also you will get a new IP address.
As you don't need anonymity at home, I think you need it at school, or work?
A simple math will explain that you will abuse 8hours*60/2=180 IP addresses a day.
So I hope they have a short lease, or an infinite pool otherwise nobody can get an ip address.

Your script looks okay (didn't tested it).
Question:
Does the script also work after you unplugged your interface? I assume it would brake the script, not?
My distribution has an if-up-dir, when the interface is up, it executes the scripts in this dir.
But to loose my connection a few seconds every time, and to finish every network session within 2 minutes would be a pain in the ass for me.

I'm not sure also how paranoia your level is at.
If I would use nmap, I would still find you in a day, because your fingerprint which is still the same.
A few basic things would hide you more, like your ttl (simple to change with iptables).
Open a few listening ports, like 80, 23, or something else at random with a honeypot, or netcat.
But then again, your system will often visit the same destinations, so.... it's hard to hide.

My job lays in the network-world, and because your paranoia script, You will be spotted earlyer because you attract attention. I would get curious why someone would do this and find out what he or she is up to. Booom goes your anonymous thing.

Still my main question lives on: What are you trying to hide from who?

legine · 01-03-2009, 04:00 AM

http://www.torproject.org/ for the paranoid on the net. :-)

boomy · 01-03-2009, 06:12 AM

TOR can also be hacked if your browser doesn't have the right options set for proxy, never done this myself, but here are the links:

http://reviews.cnet.com/4520-3513_7-6654986-1.html
http://www.wilderssecurity.com/showthread.php?t=190073

I think if you are a good Java programmer, you can work out your own small os/library which the victim will receive via an iframs. Then let this small piece of code get an IP address via DHCP, and grab the public IP address. Because.... I assume there are lots of other clients/game-stations in the network who don't use tor on their client, so there has to be a leak out.
Haven't thaught about a (linux) router with tor build in that you use.

So from cloning interfaces -> international web privacy

But my main message is: rock...sciccor...paper...rock...sciccor...paper
There is always a way that overrules

legine · 01-04-2009, 06:40 AM

well I believe TOR is still more efficent then changeing mac adress. But yes 100% anonymity this is not. But you need to understand more to bypass TOR.

Quote:

But my main message is: rock...sciccor...paper...rock...sciccor...paper
There is always a way that overrules

True, very True! :-D

[edit] best practis to avoid the iframe flaw is to take care where you surf.[/edit]

penguinHugger · 01-04-2009, 10:45 AM

My, Oh, My. Where to start.

Well, when I first wrote this script a few months ago, I found that my IP would increment by one each time the loop ran. I didn't realize this until I was testing by having it run every few seconds

. But now, the problem has disappeared. Suddenly that has been fixed. Now I have the same IP before and after it runs. I don't know why it works now, but it does, and I'm going to run with it.

As far as the hassle of having the network go down every two minutes, I thought it might be an issue, but it doesn't really bother me. The thing is, I will occasionally lose a few pages in firefox, but the all I have to do is wait a second and refresh the page, which isn't a problem for me.

No the script doesn't break when I unplug the network cable / close the network connection / bring down the interface, again, I don't know why, but I'm going to run with it.

I,ve considered a honeypot, but haven't gotten around to it yet.

I already use Tor.

And finally...

I don't remember why I wrote this or what good I thought it would do, but I've got it working, and I don't see the harm in using it, so I'm going to.

Thanks for all the replies, I will check back often for anything new.

bye.

P.S. For anyone who cares: This seems to have moved very suddenly from cloning interfaces to annonymity in general, maybe it should be moved to a new sub-forum, something like "Networking -> Annonymity". Just a thought. I know that I would love to see an Annonymity sub-forum as this is what I spend a large amount of my time working on. Thanks. bye.