One of the first things I wanted to do after my fresh install was to make some paranoid-level privacy upgrades to the OS.
As far as I can tell, MAC spoofing is not enabled/enforced by default, someone please tell me if this is untrue so I can save myself the headache.
I am aware that I can use macchanger to do this, but I’d like to have it done on startup so that I do not need to do it manually every time.
I’ve found a lot of forums/guide for this, but the methods have changed significantly over the past 8 years (the period of time most of the webpages I’ve found on the topic span).
Here are a few methods I’ve seen:
-Edit the /etc/rc.local file with the appropriate commands (I don’t see this file in ParrotSec, would creating the file and proceeding as normal still work?- OR, is there another file to edit that would achieve the same result, I’ve seen some people argue that rc.local is obsolete)
-Creating startup services
-Deleting NetworkManger and reverting back to an older architecture for network management involving /etc/network
I wanted to ask the community what your preferred method for running commands on startup is, and what your philosophy is for choosing that over one of the available alternatives. What are the tradeoffs with each method?
/etc/rc.local is kinda old and not supported (Although i think it still is in ubuntu) rc.local is just one file that obviously could get a bit messy and confusing if you were trying to do more than one thing.
A alternate that i would use is the /etc/init.d/ directory that executes all shell scripts inside it at system runlevel changes (start/ stop). So you can have a script per task or service you want at different runlevels.
Saying that i dont think you can randomize you MAC using that. But you should be able to using network manager: https://wiki.archlinux.org/index.php/NetworkManager#Configuring_MAC_Address_Randomization
Make a bash script and put it on a directory which is in your PATH and just go in the menu on the top bar and search for startup applications -->add --> name it like you want and in command
but in the bash script this is not secure because the command for macchanger must be doing in root so you must hardcode your root password and thats a fucking bad idea
Thats like a friend who ask me a script to autologin in ssh…bad bad idea
i can write the bash script if you want and you will replace by your pass
The second solution it is to write a bash script but you must launch it manually that will be shorter, dont have to type a bunch of command, just type something like
mac eth0 and the change are made automatically
Edit: All your solution have securtity issue except maybe the startup service All other lead to an exploitable RCE or Privilege Escalation issue
Thank you! These were just the answers I was looking for.
Needing to hardcode the root password is not an acceptable security tradeoff in my eyes.
I’ve tried editing the Network Manger configuration files in the past to achieve this goal, but it has resulted in breaking my connectivity each time. I haven’t exhausted all possible solutions involving this method though, so I will dive a little deeper and see if I can work the problem from that angle.