MAC address spoofing - why doesn't this work? [closed]

networking ip-address mac-address spoofing

So I'm in a new job, and they're pretty draconian about their network, hardware, and OS security. :-( I'm a web developer, but am forced to use IE7 for development simply because they don't want ANYone installing ANYthing other than the boilerplate OS install. Any web developers out there know that, sure - you can "get by" developing like this--even though it's a hassle--most of the time. But SOMEtimes, you need an extra program or two to look at the requests being sent/received to see how your client (the browser) is communicating with the server. I HAVE all the programs I want on my personal laptop, but it's not authorized to connect to the corporate network.

Now I'm NO networking expert, but I had this thought: If I can spoof my work desktop's MAC address & IP address on my personal laptop, unplug my desktop, and then plug my laptop into the network, shouldn't I be able to connect? But it doesn't seem to work. How does the network "know" that anything has changed? I thought that MAC address was the only "thing" which identifies you on a network once you've requested and been assigned an IP address.

EDIT: BTW, I've already weighed the risk of "getting in trouble" at work, so no need to remind me that it's "possibly a violation of the network policies" etc. I'm already aware! My real question isn't, "can you tell me how to do this", it's, "why doesn't this work, since I'm obviously misunderstanding something about how networks operate." :-)


Solution 1:

Sounds like they might be using 802.1x which requires end node authentication to the network layer itself.

Which is designed to prevent exactly what you're trying to do.

If all you really want to do it intercept the traffic in between your desktop and the server, you may be able to do that by:

  • putting a hub in between your desktop and switch port and hooking up your laptop.
  • configuring your laptop to be a completely silent and transparent bridge between two ports and putting it in between your desktop and switch port.

Solution 2:

Breaking company policy to suit your arbitrary requirements is absolutely ill-advised. If you cannot get it approved by IT, speak to your boss and argue for your requirements. Otherwise, deal with it or get a new job.

Related

"bitness" and printer servers
Ubuntu / See restart history
Where is RewriteMap allowed?
Using Windows, can I tell a single program to use a specific gateway IP?
Can an active directory group indirectly include itself in a cycle?
How can I replace line #6 in a text file in a bash script?
How to make MediaWiki search work better?
Postfix + SASL = "Relay Access Denied" when sending from outside the network
Double Hop Window Authentication
How do I build debian packages of kernel modules?
Networking security and TCP/IP internals books/sites
How does VMWare generate unique MAC addresses?