Sure, we can spoof a MAC Address to something totally random when involved in some... shenanigans... but what if you REALLY wanted to troll someone?

First, for the unintiated, a quick rundown on what, exactly, a MAC Address is.

As is typical with such technical things, Wikipedia has some really good wording, which I will swipe:


A "MAC address of a device is a unique identifier assigned to a network interface controller", and "are most often assigned by the manufacturer of network interface cards." And most iportantly, "A MAC address typically includes the manufacturer's organizationally unique identifier (OUI)".

In short, a MAC address is physically "burned" in to Network Cards, and the first 6 digits are uniquely assigned to individual manufacturers, and cannot be altered. Your computer has a MAC Address on the network card, your laptop probably has 2, the LAN and WiFi cards. Your phone will have at least 2, the cellular and WiFi. And by referencing the MAC address, we can start to uncover precisely what kind of device this is.

Though the physical MAC address cannot be altered, those of us "in the know" understand that it is possible to alter the network traffic and change the MAC address there, and spoof our MAC to something random. There's a few use-case scenarios for this, and it is commonly done to hide or disguise the presence of a rogue device in a network.

Some Internet Service Providers (ISPs) still use ancient, outdated methods and processes in their networks, and sometimes theit modem will "learn" the MAC address of the device it initially connected to, and won't communicate with anytihng else. Spoofing a MAC address like this can get around that limitation without needing to involve the ISP. Many firewalls have this kind of feature for precisely this reason. ISPs will also analyze the MAC addresses conencted to their modems to determine who's using what kind of device to connect to the internet.

So... how can we troll these analytics?

Myself, I just use this prefix (or OUI):


Why? Well according to this MAC Vendors list, this OUI is assigned to: The Coca-Cola Company.

The Coca-Cola Company!?

What is Coke doing with a MAC Address OUI?

It is common, if perhaps even industry practice, to outsource the Network Card manufacturing to 3rd parties. My laptop, for example, is Lenovo branded, but the wireless adapter was manufactured by Intel, and the wired adapter was manufactured by Wistron. So why does Coke have an OUI? What would Coke possiby even DO with an OUI? I mean.. maybe something to do with all the vending machines... but why not just outsource the NIC manufacturing to a 3rd party, as seems to be the standard industry practice?

And what would such a device be doing on a consumer-grade internet account?

THAT's what I am hoping my ISP wonders if/when they analyze the MAC address here.



# laptop 2020-11-04 08:05
You actually make it appear really easy together with your
presentation but I in finding this matter to be actually something
that I think I would never understand. It seems too complex and very extensive for me.
I am looking ahead for your next submit, I'll attempt to get the hang
of it!
Reply | Reply with quote | Quote

Add comment

Security code