Tuesday, August 11, 2009

MAC attack - not what you think

This one got me the other day and no, not a Mac Apple Computer either! A MAC ethernet address.

I was setting up a new VMware Server 2 appliance for a development environment in use with the Symfony framework. The base OS was Ubuntu 9.04 Server.

Well I like to back a backup of the raw OS before I put anything out there since it took a bit to make the VMware appliance. It is simple - or so I thought, you just make a disk copy of your appliance folder.

Well, I did that, as well as manually edited the .vms file. Turns out, vmware assigned a mac address in the /etc/udev/rules.d/70-presistent-net.rules file to eth0 that had been already assigned to the appliance hosting machine.

Example:


# PCI device 0x1022:0x2000 (pcnet32)
SUBSYSTEM=="net", DRIVERS=="?*", ATTRS{address}=="00:0c:29:bd:5f:db",
NAME="eth0"

# PCI device 0x1022:0x2000 (pcnet32)
SUBSYSTEM=="net", DRIVERS=="?*", ATTRS{address}=="00:0c:29:bd:5f:e5",
NAME="eth1"
Basically to fix this, delete the etho entry and change the eth1 to eth0 and restart the appliance.

Wow, one of those obscure moments solved via google.

Be well,

Jeffrey

No comments: