Anonymous Online: Spoof your MAC and Block IP’s

Are you one of the many people out there who thinks that for the most part you are anonymous when you are on the Internet? Are you one of the many who think that just because you visit only reputable and well known websites your computer can’t possibly get any spyware/malware?

Photo courtesy [henning].

Well, I’m in the business of shattering misconceptions – and business has been pretty busy lately.

Anonymity

When you connect to servers and peers over the Internet they often record your MAC address and NetBIOS name. MAC address stands for Medium Access Control address. Without going into too much detail, this is similar to the “street address” of your computer. For those who might argue that the IP address of the computer is its “street address” I like to point out the the IP address is not permanent, it depends on where your computer is and its network settings. The MAC address is hard coded into the NIC (Network Interface Card) of your computer. For the most part you cannot edit or change this small series of numbers and it is an exquisite identifier to your particular computer. There are 281,474,976,710,656 possible MAC addresses, meaning there is little chance for overlap and someone else having your MAC address. Overlaps do occur, but if an organization such as the RIAA or MPAA happens to have logged your MAC address . . . chances are their lawyers have you between a rock and a hard place.

The NetBIOS name of a computer is a small identifier for a particular computer on a network. You can edit this at will using system settings, but it’s not something the average person would know how to do. Most people set it once and forget about it, which gives it the potential to uniquely identify your particular computer over a long period of time. Not always a good thing to do depending on your browsing habits.

Now that I’ve introduced a couple of sobering bits of information that put a downer on your concepts of anonymity over the Internet, I’m going to let you know of a handy little program that will get rid of these problems.

Get MadMACS.

Whats Included in the .zip file:

MadMACS automatically generates a random MAC address when your windows machine starts up. It also picks a random NetBIOS name from a dictionary text file. I suggest placing it in the C:\ directory, as it runs from its folder upon startup (I hate cluttering my desktop, but its up to your own personal preference). It works in Vista but the User Access Control “feature” in Vista will ask your permission for it to run every single time you start your computer up.

Once you set it up you no longer have to worry about it, it runs automatically in the background at startup.

Here is the setup process:

The next screen is mostly if you are re-installing MadMACS. However I don’t believe it would hurt anything if you went ahead and cleared the files.

You really want to say yes to this question. And obviously you won’t have the same Ethernet card as me

Now this part is a little tricky. I suggest simply clicking Ok and forgetting about this screen. However, if you want to be especially crafty you can set a specific prefix to your mac address that makes it look like your hardware came from a different hardware company. For instance, you have a Realtek NIC card and you want to make sure the world doesn’t realize you have one. Look up the prefixes here.

You can “have” any hardware you want.

Like I said earlier, it is nice to have the MadMACS install folder in an out of the way place, because you’re going to want to run at start up:

IP Filtering

When you visit an ordinary website you are making a connection to its web server. What you probably don’t realize or think about is that your computer also connects to potentially dozens of other servers if the website has ads. Sometimes these ad servers are run by less than reputable companies that have no qualms about placing tracking and malicious software onto your machine. Wouldn’t it be nice to block these connections before bad things happen to your precious box?

For those people who like to use peer to peer programs to download various files both legally and illegally might also want a program that blocks connections to bad servers/peers. It might be best to avoid peers under the control of organizations who frown upon media sharing, or peers located in government and educational institutions. Never fear, Phoenix Labs has a solution for your woes:

Peer Guardian 2
http://phoenixlabs.org/pg2/

The people behind Peer Guardian maintain block lists that can block government, educational, and malware institutions as well as known bad peers connected with anti-P2P organizations. It will protect you from inadvertently connecting to malicious ad servers, giving you a better handle on your security.

I won’t go through the install process of PeerGuardian, its just a normal install setup, but I will showcase some of its features:

This is the main menu of PG2. Notice how many IP’s it blocks. Nearly a BILLION.

One thing you may want to watch out for is that handy little “Block HTTP” button on the right. If you suddenly find you cannot view any web pages or check email, etc – its most likely because you have that button active.

The List Manager page where you can create your own custom block list and manage all of the other block lists. These are my 3 favorite stock block lists, on other computers I included the government and educational block lists.

The custom settings page, you can have blocked IP’s show up in red on the main page for that extra dramatic effect.

The incredibly sweet History section, where you can see every single IP connection your computer has made since running PG2.

With these two programs your Internet activities will be much more secure. The combination of anonymity and IP filtering is a deadly combination to those who wish to eavesdrop and data mine from average Internet users. But you’re not the average Internet user are you?

Tags: IP Filtering, MAC Spoofing, MadMACS, P2P, Windows