[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Freedombox-discuss] Thoughts on MAC Addresses

 >> Just something kicking around my head when I should be sleeping :)

I presume a Freedombox owner should have the freedom to change the MAC 
address of their box. Perhaps even if it conflicts with realistic 
hardware/IANA mappings. But not if it conflicts with an existing device 
on the network.

Isn't there a MAC hash technique by Cisco or someone, which creates a 
hash out of host/user/etc info that fits into a MAC? That might be nice, 
for some auth scenarios.

But I'm unclear what kind of box Freedombox is.
Wired-only? wifi-only?
IPv4-only, IPv6-only, or dual-stack (how?)?
DNSsec or normal. or no DNS (replacing with what?)?
What router protocol(s) are needed?

Will it be able to speak with existing routers? Cisco/Juniper style or 
wifi/MANET style? Or will Freedombox be it's own router overlay, only 
talking to other Freedomboxes? The edge IPS, if not built-into 
Freedombox (Snort|Suricata?) might need to deal with MAC changes.

Changing MAC addresses is helpful for some privacy scenerios. But too 
much change might mess up some network defenses, used by 
routers/firewalls to protect against ARP/ICMP/DHCP/DNS attacks, 
especially if using wireless protocols.

Reply to: