1

I was wondering if it would be possible to create some sort of ethernet passthrough device, but this device also functions as a layer 2 mac address spoofer, which can be used with any device without the need for a software mac address spoofer, or for devices which are incapable of changing their mac address normally i.e. a router/access point. This would allow for someone to set up a rogue access point that shows up to the network as an iphone.

there are research articles which refer to an FPGA being used for interpreting ip communications on layer 2, and I want to know if you could manipulate the ethernet frame of a packet, to make a layer 2 mac address spoofer, or even a device to replay packets

and finally i was wondering if a device like this actually exists as well. has this idea been come up with before? has it been made or proven wrong?

Alexm
  • 11
  • 1

1 Answers1

1

This is called a layer 3 bridge. It can be done with common hardware and a common OS like Linux. All what it is needed is a hardware with two network cards and to configure the OS as a layer 3 bridge. The outgoing data from the bridge in the direction of the rest of the network will have the MAC of the bridge's network interface and not the original MAC.

Note that care must be taken to rewrite the MAC not only inside the IP packets but also in payloads which connect layer 2 with layer 3, i.e. within ARP. See for example Bridging Network Connections with Proxy ARP.

Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424