IP Master: best strategy for MAC address (2)

If you want to get the MAC address in other CIDR blocks, you can use the tool software. I think Windows is optimized greatly.
The tool provided by the instructor is good. Click "system performance optimization"> "System Security optimization"> "additional tools"> "cluster Ping ", you can scan MAC addresses in batches and save them to files.

Knowledge: ARP (Address Resolution Protocol) is an Address Resolution Protocol, which converts an IP Address into a physical Address. There are two ways to map IP addresses to physical addresses: Table and non-table. ARP is to resolve the network layer (IP layer, that is, the third layer of OSI) Address to the MAC address of the Data Connection layer (MAC layer, that is, the second layer of OSI. ARP uses IP addresses to obtain MAC addresses.

ARP principle: When zookeeper sends a packet to host B, It queries the local ARP cache table and finds the MAC address corresponding to IP address B before data transmission. If not, an ARP request packet (carrying the IP address Ia of host A-physical address Pa) is broadcasted, and host B with the IP address Ib replies to the physical address Pb. All hosts on the Internet, including B, receive ARP requests, but only host B recognizes its own IP address, so it sends an ARP response packet to host. It contains the MAC address of B. After receiving the response from B, A updates the local ARP cache. Then use the MAC address to send data (the MAC address is appended to the NIC ). Therefore, the local high-speed cache ARP table is the basis for local network circulation, and the cache is dynamic. ARP table: In order to recall the speed of communication, recently commonly used MAC address and IP address conversion does not rely on the switch, but on the machine to create a commonly used host IP-MAC ing table, that is, the ARP table.
　　　
7. How to modify your MAC address

The MAC address is fixed in the NIC, And the MAC address is unique. Is there any way to change it? No, we do not need to modify the content of the EPROM. Instead, we can modify the content of the storage unit to modify the MAC address. For example, you can modify the Registry in Windows.

Enter regedit.exe in the "Start Menu" text box, open the Registry Editor, expand the registry to the: Register {users} subkey, and search for DriverDesc in the branches under the subkey, such as 0002 and (if you have more than one network card, there will be 0001,0002 ...... The information about your Nic is saved here. The DriverDesc content is the Information Description of your Nic, for example, my Nic is Intel 21041 based Ethernet Controller ), assume that your network card has a 0000 sub-key.

Add a string named "NetworkAddress" under the 0000 subkey. The key value is the modified MAC address, which must be 12 consecutive hexadecimal numbers. Then, create a new sub-key named NetworkAddress in NDIparams under the "0000" sub-key and add a string named "default" under the sub-key, the key value is the modified MAC address.

Create a string named "ParamDesc" under the sub-Key of NetworkAddress. Its function is to specify the description of NetworkAddress, and its value can be "MAC Address ". In this way, the "attribute" of the network neighbor will be opened. Double-click the corresponding Nic and you will find an "advanced" setting under which the MAC Address option exists, it is the new NetworkAddress that you add to the Registry. You only need to modify the MAC address here.

Disable registry and restart. Your NIC address has been changed. Open the properties of the network neighbor. Double-click the corresponding Nic item and you will find an advanced configuration item for MAC Address, which is used to directly modify the MAC Address.

Of course, you can also use the tool software to modify the MAC address of the NIC. For example, MAC2001 can achieve our goal.

8. How to solve the security problems caused by MAC addresses

We can bind the IP address and the MAC address to solve this problem. Go to MS-DOS mode or command prompt and enter the command: ARP-s 10.88.56.72 00-10-5C-AD-72-E3 at the command prompt to bind the MAC address and IP address together. In this way, the IP address is not stolen and the network cannot be used normally, which can effectively ensure the security of the residential network and the application of users.

Note: ARP commands are only useful for LAN proxy servers and for static IP addresses. If Modem is used for dial-up or dynamic IP addresses, they do not work.

However, simply binding IP addresses and MAC addresses cannot completely solve the IP address theft problem. As a network supplier, they have the responsibility to resolve these problems for users before they are handed over to users, rather than handing over security issues to users. Users are not supposed to be liable for unnecessary theft.

As a network supplier, the most common and most effective solution is to bind the PORT on the basis of IP and MAC binding, that is, the three IP-MAC-PORT are bound together, PORT) the port of the vswitch. In this case, you need to perform port timed management during cabling. During cabling, the junction box on the user wall should correspond to the port of the switch one by one, and the registration should be completed. Then, the MAC address handed in by the user should be filled with the corresponding switch port, and then bound together with the IP address, to achieve the IP-MAC-PORT of the three bindings. In this way, even if the hacker owns the MAC address corresponding to the IP address, it cannot have the same port on the wall. Therefore, the hacker is isolated from the physical channel.

I 'd like to share some knowledge about MAC addresses through the above introduction! Remind everyone to apply what they have learned and never use it for other people!