I added LLADDR to the device config file (/etc/sysconfig/network/ifcfg-eth0). And the MAC address was then correct.
The thing is that when I deploy these, I expect each to have a unique and consistent MAC address without the need to do this edit. After all, if I have to do this edit, I can just as well assign the IP address, as that is what I am really after... I hear different claims as to whether the PI 3 has a unique MAC address, or if it must generated by u-boot/linux. I still don't know. If the MAC address is generated, where does the leading E6:E0:B6 part come from? We had some VME-based PC board a while back that all cam with a the same MAC address, which was XX:XX:XX:00:00:00, where the XX part was whatever the manufacturer had been assigned. We were expected to fill in the 00s to make them unique. Is this how the PI 3 is? On Mon, Mar 6, 2017 at 8:49 PM, Greg Freemyer <[email protected]> wrote: > On Mon, Mar 6, 2017 at 2:23 PM, Brüns, Stefan > <[email protected]> wrote: >> On So, 2017-03-05 at 09:39 -0500, Greg Freemyer wrote: > <snip> >> >>> If a user of that WiFi ever brings in a device with a non-static MAC, >>> I will have to get with them and figure out how to make the MAC >>> static. I'm not going to allow a device on that WiFi to trigger >>> notices to me routinely and it is an important security control to >>> know who is connecting to a non-guest WiFi. >> >> Sorry, but mentioning MAC address monitoring and security in a single >> sentence is ridiculous. The MAC addresses are broadcasted over the air, >> and can be altered in most cases (even many Android phones). >> >> Kind regards, >> >> Stefan > > Stefan, > > I know MAC spoofing isn't hard to accomplish, but monitoring for new > to the network MACs is a best practice in the CIS CC v6.1 document as > I recall. > > https://www.cisecurity.org/critical-controls/Library.cfm > > It's also low hanging fruit that can be done at no cost. > > Greg > -- > To unsubscribe, e-mail: [email protected] > To contact the owner, e-mail: [email protected] > -- Roger Oberholtzer -- To unsubscribe, e-mail: [email protected] To contact the owner, e-mail: [email protected]
