Now You See Me, Now You Don't
07 01 09 - 00:08
INTRODUCTION
The purpose of this is to communicate without being subjected to political persecution
Using a wireless network offers some strategic advantages to someone seeking anonymity on-line. First, because the user is not bound by wiring, they can be physically distant from the actual internet connection. Right now, for example, the author is using a home-made antenna to covertly steal internet access from the neighbor down the street. An additional benefit comes from the network architecture typically used in a wireless
network. Remember how I said an IP Address consists of four numbers ranging from 0 to 255? Well, this means that there are a limited number of IP Addresses available. Considering that the internet is a worldwide
resource, this number is actually relatively low. Because of this fact, a system was developed whereby multiple computers could share one IP Address. For the record this is known as Network Address Translation.
A system set up with NAT consists of a computer that has a real IP Address, known as the server, and a
number of computers that have fake addresses, known as the clients (these addresses tend to be 10.x.x.x or 192.168.1.x; where ‘x’ is a number 0 – 255, but they need not be). The server receives requests for internet content from the clients and then requests that information from the internet, when the internet responds with the requested content, the client determines which client asked for it, and then sends it to that computer. The important thing to note is that any client under such a system has no unique IP Address, and most wireless networks use this kind of setup!
HIDING ONE’S MAC ADDRESS IN WINDOWS XP
The process for changing one’s MAC Address in windows is relatively straight-forward, but first-timers and/or those intimidated by computers may find the process baffling at first. I urge you, the reader, to look over these step-by-step instructions and their accompanying diagrams several times. After you think you have it down, be sure to practice a few times before you need to do it in a “real-world” situation.
Step 1: To give you a feel of what we’re going to do, go to Start-> Programs-> Accessories-> Command Prompt. A box with some text and a blinking cursor should come up. Type this command ipconfig /all. You get a bunch of information regarding your network connections. Somewhere in this information will be a line that reads “Physical Address...” (See figure 1). This is your current MAC Address, write it down for reference. It will be a series of 6 numbers represented in hexadecimal format (this means that a digit can be 0 through 9 or a through f where a through f represent 10 through 15). Our goal is to replace these numbers with different ones. In order to do this we need to edit the registry.
Step 2: The registry is a repository of data that is used by the operating system. Typically the user needn’t worry about it at all. In windows we can edit this data by using the regedit program. Click Start-> Run. A text box will pop up type “regedit” (figure 2) and hit okay. The registry program will open (figure 3).
Step 3: Look at figure 3. On the left side of the window you will see various expandable folders. These work just like the file browser included in windows. Folders open up to new folders in an expandable tree. The difference is that these folders contain different keys and each key contains different data.
The data we want to change can be found in the key located at:[HKEY_LOCAL_MACHINE\SYSTEM\ ControlSet001\
Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}]. To get there click on the little plus sign next to “HKEY_LOCAL_MACHINE” then the one next “SYSTEM” and so on until you find the {4D36E972-E325-11CE-BFC1-08002bE10318}folder. Click on the plus next to this folder and you will see a number of subfolders that run in sequential order. When you are done with this step, the tree on the left side of the regedit window should look something like figure 4.
Step 4. Each of these folders represents a different network device. In order to determine which one correlates to the network card you want to change the MAC address on, you will have to click on each one. After you click on each of these subfolders, examine the data that appears in the box on the right. You should find some lines with descriptive information such as the manufacturers name. You will need to find a match for your card. Usually you can find manufacturer and model information printed on your card. Continue looking
through the sub-folders until you find a match. On my computer under folder 0016 I find a string entitled “ProviderName” and its corresponding value is “Lucent Technologies” and there’s another string called “VendorDescription”
and its value is “ORiNOCO PC Card (5 volt).” These clues tell me that this folder is for my Lucent
Technologies Wavelan pc card which is based on an ORiNOCO microchip.
Step 5. When you have found a match, look in the window on the right under the “name” column for a string called “NetworkAddress.” If none exists, you will have to create it. Right-Click in the box on the right and click New-> String Value. Name this string “NetworkAddress.”
Step 6. Now, all you have to do is give “NetworkAddress” a value, or alter the value already there. Double click on “NetworkAddress” and in the value field enter a string of 12 characters ranging from 0 to 9 and a through f, eg. 022CDEAD4e2c. (Figure 6)
Step 7. Close the regedit program and restart your computer.
Step 8. Let’s see if this worked. Open a command prompt (Start-> Programs-> Accessories-> Command
Prompt) and type ipconfig /all. You should see that the fake MAC Address your provided is displayed.
Step 9. If your MAC Address did not change, or if your internet connection ceases to work, you may have provided an invalid MAC address. Another possibility is that there are more than one entry in the registry
for your wireless card, look through the subfolders under [HKEY_LOCAL_MACHINE\SYSTEM\ ControlSet001\
Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}] again and see if there’s another folder that describes your card. In either case repeat steps 2 through 8. Once you see that your “Physical Address” has changed by issuing the ipconfig /all command in the command prompt you are done.
Step 10. Send your communique, or do whatever thing it is that you don’t want the feds to know about.
Step 11. Repeat steps 2 through 9 to change your MAC Address again.
HIDING ONE’S MAC ADDRESS IN LINUX
For anyone using the LINUX operating system,4 the process of changing MAC Addresses is fairly simple. I am going to assume that the reader already has a running LINUX machine with a functioning wireless adapter. If this is not the case, there are numerous resources online that can help in this regard. Please note, that some of these steps may vary slightly given different LINUX distributions and wireless cards.
Step 1. Open a terminal. This process will be different for all distributions of LINUX. Most LINUX distributions
now default to a graphical user interface that includes a desktop, icons, and other doodads. Typically there will be some sort of application menu. If you can find this, look for terminal, xterm, konsole,or something
of the sort. If all else fails consult the web site of the distribution you are using.
Step 2. Type the iwconfig command in the terminal window and hit enter. You will see various information
regarding your wireless device and any network it may be connected to (see figure 8). Note the name of the device on the left side. In my case, my wireless device is named “eth1” this may vary depending on your setup.
Step 3. Now type ifconfig and hit enter. Ifconfig will display a variety of network information (see figure 9), but what we are worried about is the string that follows “HWaddr” this is the device’s MAC Address. Write this down for reference.
Step 4. Turn off your wireless adapter. This is typically done by issuing the ifdown
Step 5. Change your MAC Address by issuing the following command: ifconfig
Step 6. Turn on your wireless adapter. This is typically done by issuing the ifup
Step 7. Check your work. Issue the ifconfig
Step 8. Send your communique or do whatever you want.
Step 9. Change your MAC Address again by repeating steps 4 through 7.
CONCLUSION.
With a bit of luck, some effort, and perhaps a little help, you should be able to get the above instructions to work satisfactorily. If the precautions I have mentioned are taken, the likelihood of the government being able to pin one to one’s online activities is very low.
A.O.C. (directions given by a friend)
23 comments
