Punk Walrus
October 1st, 2003, 18:28
I always hear this is "easy to do," but I haven't found any useful documents online about it. Maybe I am not using the right keywords or looking in the right areas.
We have these proprietary routers (for security, I am not allowed to say in a public forum, but they are really rare, and I can't find any online stuff about them, and I suspect they are out of business) that use the MAC address and data we believe is OS Fingerprinting (according to its own manuals) for authentication of configuration changes. They are a BEAR to work with, very fussy, and if it weren't for the initial investment, and the pain and cost of replacement, they would have been history years ago. Right now, we have them connected to NT 4.0 stations which use their software running as a service. For a while, it was a mystery why this worked until I did some packet sniffing and looked at the manuals (which are ungodly huge 3-ring binders of info). It seems that they give a unique OS fingerprint (which nmap was unable to decode, but a dump showed every box had the same thing - a simple hex value), and are bound to the MAC address (which is explained, in detail and bad English, in the binders).
The NT 4.0 boxes are failing and for very complicated reasons I won't go into, we can't get a similar setup on a newer machine. To implement a newer Cisco-based system, it will cost our department about $200,000, and so a kind of "contest" has been set up to try and avoid that. Some of us are using Linux and OpenBSD, and in Linux, they use this command for the MAC:
ifconfig <interface> ether lladdr <MAC-address>
This doesn't work in OpenBSD, apparently. But there is something called sea.c that supposedly does. I found that file online, but I am not sure what to do with it. Do I compile it alone, or with something else?
For the OS Fingerprinting, I found the OpenBSD man pages on pf.os, but I am not clear on if this was just a way to tell OpenBSD about incoming fingerprints, or changing the fingerprint of OpenBSD's outgoing data.
It's probably a long shot, but the winner (if one appears by next fiscal year, 2004) gets 2 weeks free vacation.