In theory, every networking device has a unique media access control, or MAC, address. In practice, using a simple tool called macchanger, it’s easy to “spoof” your computer’s MAC address on Linux by setting a random value for it each time you connect to a network, which helps protect your privacy. Here’s how and why.
How MAC Addresses Work
Because the MAC address associated with your connection is visible to other computers on the network, it can serve as a unique identifier for tracking your online activity. Anyone sniffing network traffic can easily monitor how much data your computer is downloading or uploading, for example, even if the data is encrypted. Eavesdroppers can also see when you go online and offline by tracking your MAC address.
By default, each networking device in your computer comes with a hard-coded MAC address. Fortunately, however, it’s easy to set a different MAC address of your choice on a given device. On Linux, you can do that manually using the “ifconfig” command. But a more user-friendly method involves using macchanger, which you can download through the software management system of most mainstream Linux distributions. (On Ubuntu, look for the “macchanger” package in the Software Center, or type “sudo apt-get install macchanger”.)
Automating MAC Spoofing
We won’t cover how to use macchanger here, although it’s pretty straightforward and you can find all the documentation you need by typing “man macchanger” in a terminal once it’s installed. (For those of you who prefer pointing and clicking, a graphical frontend for the app, called “macchanger-gtk”, is available for most Linux distributions.)
Fortunately, you don’t actually have to know how to use macchanger if you just want your MAC address to be changed randomly each time you connect to a network. To achieve that, simply install macchanger, then follow these steps:
1. Type “sudo nano /etc/init/macchanger.conf” in a terminal. This will open a blank text file inside your terminal.
2. Paste the following lines inside the blank file:
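# macchanger - set MAC addresses
#
# Set the MAC addresses for the network interfaces.
description "change mac addresses"
start on starting network-manager
# Upstart only runs shell commands inside a script stanza.
pre-start script
    # "|| true" keeps the script going when an interface does not exist
    # (Upstart runs script stanzas with "sh -e").
    /usr/bin/macchanger -A wlan0 || true
    /usr/bin/macchanger -A eth0 || true
    /usr/bin/macchanger -A wmaster0 || true
    /usr/bin/macchanger -A pan0 || true
    #/usr/bin/logger wlan0 `/usr/bin/macchanger -s wlan0`
    #/usr/bin/logger eth0 `/usr/bin/macchanger -s eth0`
end script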
3. Press ctrl-X to close the file. When asked whether you want to save it, press Y to do so.
4. Type “sudo nano /etc/network/if-post-down.d/random-mac” to create another blank text file.
5. Paste these lines into the file:
#!/bin/sh
# Skip the loopback interface.
[ "$IFACE" != "lo" ] || exit 0
# Bring down the interface (for wireless cards that are up to scan for networks), then change the MAC address to a random vendor address
/sbin/ifconfig "$IFACE" down
macchanger -A "$IFACE"
6. Press ctrl-X to close the file. When asked whether you want to save it, press Y to do so.
7. Type “sudo chmod +x /etc/network/if-post-down.d/random-mac” to make the script you created executable.
8. Type “sudo service network-manager restart” to restart your networking and allow the changes to take effect.
That’s it. Now, your computer will appear on the network with a randomly generated MAC address each time you reconnect, making it that much harder for people to track your activities.
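To confirm the setup is working after you reconnect, you can compare the current and permanent addresses that “macchanger -s” reports. The script below is an added example, not part of the original article; it assumes the “Current MAC:” / “Permanent MAC:” output format of macchanger 1.7, and its function names and sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: report whether an interface is using a spoofed MAC address.
# Assumes the macchanger 1.7 "-s" output format ("Current MAC:" and
# "Permanent MAC:" lines). All function names here are illustrative.

# Read `macchanger -s` output on stdin and print the MAC on the line that
# starts with the label in $1 ("Current" or "Permanent"), lower-cased.
extract_mac() {
    sed -n "s/^$1 MAC:[[:space:]]*\([0-9A-Fa-f:]\{17\}\).*/\1/p" |
        tr 'A-F' 'a-f' | head -n 1
}

# Print "spoofed", "unchanged" or "unknown" for the report text in $1.
mac_status() {
    cur=$(printf '%s\n' "$1" | extract_mac Current)
    perm=$(printf '%s\n' "$1" | extract_mac Permanent)
    if [ -z "$cur" ] || [ -z "$perm" ]; then
        echo unknown        # interface missing or unexpected output
    elif [ "$cur" = "$perm" ]; then
        echo unchanged      # still using the hard-coded address
    else
        echo spoofed
    fi
}

# Live check of one interface; succeeds only when the MAC is spoofed.
check_iface() {
    status=$(mac_status "$(macchanger -s "$1" 2>/dev/null)")
    echo "$1: $status"
    [ "$status" = spoofed ]
}

# Constructed sample output (not captured from a real machine).
SAMPLE_SPOOFED='Current MAC:   00:0d:4b:3a:91:c2 (unknown)
Permanent MAC: 00:11:22:aa:bb:cc (unknown)'
SAMPLE_UNCHANGED='Current MAC:   00:11:22:aa:bb:cc (unknown)
Permanent MAC: 00:11:22:AA:BB:CC (unknown)'

# Usage: sh check-mac.sh wlan0 eth0   (does nothing when run without arguments)
for iface in "$@"; do
    check_iface "$iface" || true
done
```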
There are a few potential issues to keep in mind:
- This won’t work well if you are on a network that forces you to register your MAC address or computer. University dorms often do this, for example, by redirecting all of your traffic to a registration page until you sign up with them. If you use macchanger to reset your MAC randomly with each connection, you’ll have to register again every time you reconnect.
- For similar reasons, this script will cause problems if you use a wireless network with MAC filtering enabled — which is pretty useless as a security measure, by the way, precisely because MAC addresses are so easy to spoof. Still, more than a few wireless networks are configured with MAC filtering, which makes it possible to connect only if you have a certain MAC address.
- It’s important to understand that MAC spoofing does not encrypt your data or hide your IP address on the Internet. Those things require totally different tools, like Tor and HTTPS Everywhere. Randomizing your MAC address protects you primarily from eavesdroppers on the local network.