MAC Address Scrambling“- By the name itself we can understand, instead of using a burned-in address, the machine uses a random MAC address. The machine/device changes MAC addresses regularly to improve security. MAC address is a 48-bit hexadecimal digit which is burned in every electronic device that has the capability of “connectivity” such as mobile devices, smart TV, PC, etc. “Apple” added this feature to iPhones from iOS8 to protect users’ privacy.

So, how does a static MAC address cause some security issues? The first thing caught in my mind is this

According to Edward Snowden, the National Security Agency has a system that tracks the movements of everyone in a city by monitoring the MAC addresses of their electronic devices. As a result of users being trackable by their devices’ MAC addresses, Apple has started using random MAC addresses in their iOS line of devices while scanning for networks.If random MAC addresses are not used, researchers have confirmed that it is possible to link a real identity to a particular wireless MAC address.

-wikipedia (https://en.wikipedia.org/wiki/MAC_address)

As I said it is “Burned-in”, which means it never changes which network you connect, unlike IP address. Another possible attack is “Man-in-Middle” with ARP poisoning. I highly recommend you to read wikipedia article: ARP spoofing for a better understanding of ARP poisoning. IEEE group also recommends random MAC addresses for Wifi security. Read this article for more info

For Linux, soon will get this feature. But now, I made a script(init script: I know init scripts are not meant for this, but I made it anyway!) which changes the MAC address every time the machine boots. Not only on boot, but we can also change whenever we want with simple commands and can restore to the original or we can go one step further with cron job to schedule the script that changes the MAC address every 1 hour or 30 minutes (Depending on your need).

It is a shell script that uses macchanger, which executes every time the machine boots thus the interface gets a random MAC address every time.

NOTE: The “macchanger” or any other script never changes the device’s actual MAC address which is burned on the interface, but macchanger creates a proxy which machines use this proxy MAC address for network communication

How to install?

  1. Install macchanger

    $ sudo apt-get update && sudo apt-get install macchanger -y

  2. Download and place changer script in /etc/init.d/

    $ wget -q -O /etc/init.d/changer https://goo.gl/tRfoJo

  3. Give executable permission

    $ sudo chmod +x /etc/init.d/changer

  4. Run update-rc.d

    $ sudo update-rc.d changer defaults

Commands

$ service changer restore # To restores original MAC
MAC Address Restored 0X:XX:XX:27:d8:XX

$ sudo service changer new # To assign a new MAC. Note that, interface will go down and up
MAC Address Changed Successfully

$ service changer show # To shows current MAC
Current MAC: 08:00:0c:27:d8:39

NOTE:

  1. Change the interface in changer after you download, by default the interface is wlan0
  2. There will be a network restart when you run service changer new or service changer restore
  3. Kali Linux’s latest version(kali-rolling) has this feature. While upgrading(apt-get install upgrade), there is a macchanger prompt asking to enable this feature.