Security

[chaterbox0]

The mac address is (to me) just another device identifier. Use mac changer x4 on your idevice but back up your Idevice first! It can brick it depending on your model/ios.

[A12danrulz]

So if we change our hostname were good? What's the Mac adress

It is a unique hardware identifyer. Basically if someone has a record of your MAC and it is known to be registered to you that makes you a prime suspect. That shpuld be changed before you enter a LAN that you want to attack because changing while on the LAN will still leave a record I believe.

[chaterbox0]

yeah, so go into airplane mode then change your mac, hostname, and kill the mDNSResponder

[sèphér]

and what's the mDNSResponder dudes?

[chaterbox0]

A service that provides your device name, I do not know it's function but I imagine it's used so apple devices can communicate by identifying eachother by name rather then ip address

[Trcx528]

and what's the mDNSResponder dudes?

Ill give a detailed response soon.

[sèphér]

nice one Trcx. and thanks for the brief description chaterbox0.

[grinch]

MAC and hostname as mentioned

also check out UDID Faker to change your unique user ID for your device
its on SinFuL

[lnfin8ty]

To change hostname permanently use:

scutil --set HostName new_hostname

Is that mDNSResponder on all idevice's - ipodtouch and iPhone? Would l have to use that command every time?

[lnfin8ty]

Well the command went through so l suppose it's on every device.

[lnfin8ty]

+1 Grinch that a usefull little program. It seemed to change the UDiD on all my hack tools lol.
I changed my HostName permanently a while back to point at the City Hall. Only thing l've noticed is that some scanners like Lanscanner will still come up with Users-lpod when it's run on my idevice. I don't know if someone else on the network would see that, though.

[Trcx528]

nice one Trcx. and thanks for the brief description chaterbox0.

Lol, Sorry I forgot.  Now I don't have as detailed of a response as I planned, it's been a while since I touch that stuff. 

Basically mDNS is the backbone of Apple's bonjour implantation.  On a high level it is a way to advertise and discover services on a network.  The spec is completely opensource (http://www.multicastdns.org/)  combined that with the fact that requires zero configuration alot of devices are starting to implement it.  At the time of my first post in this thread I was in the middle of researching the potential uses for host discovery.  You can download mDNSresponder from cydia for a commandline tool that allows you access to the services that it discovers.  So far this explanation has sucked so here is a real world example:

You get a new printer and turn it on, you go to your mac and go to set up a new printer and it finds the printer almost instantly.  You tell it to connect and with in seconds you are able to print.  What happened to make this so painless?  mDNS

When you turned on the print it began advertising the fact that it could print, the mac (at your direction) started up the printer applet it asked if there were any printers on the network.  The printer responded saying: Yes! I'm at xxx.xxx.xxx.xxx  and you print to port 9100.  This can obviously be taken beyond just printers.  The printer just advertised its service, but that service could be anything, ssh, http, ftp, and much more.  Another example is the 'remote' app for iTunes.  When you open the remote app on your iDevice it starts advertising that it's a remote, iTunes then can see it and pair with it.  The protocol is both active and passive.  You can actively send out packets requesting services or you can just listen for new devices to join the network.  It's pretty cool.

As previously stated I was investigated mDNS as a means of host discovery.  While some what useful it is not overly reliable.  Most devices do not support mDNS, additionally most hosts are clients and thus do not advertise.  Additionally apple and a few linux distributions seem to be the only ones to us mDNS.  Never the less there tend to be at least a handful of devices on the network advertising services.  Especially with the advent of iOS 5's wireless sync which used mDNS to discover the computer to sync with.  Once again that command line tool can do both active and passive discovery of services and also register service, real or fake so it could cause some trouble, but probably not much. 


Wow! That's a lot longer than I though it would be,,,,sorry for the lack of technical detail, but it's been a while, almost 3 months, since I researched it.  And if I ever say I'm going to explain something and I don't just PM me about it, because it's very likely that I just forgot, lol. 

[lnfin8ty]

So, l've disabled it now, with the 'killall' command. If l experience any problems what is the 'enable' command? Or does it just restart on a reboot?

[n3rdwswAg]

So before I scan or attack a network I would need to

scutil --set hostname anonymous
killall mDNS

And what else?
Or would udid faker do all of that?
And do y'all have a tut on Mac spoofing ( I already know its a dumb question cause ya prolly do)

[Kenny]

How do I change my Mac add?