This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

MAC address spoofing?

All,

 

we are having licensing issues with an app that uses the mac address to generate a unique ID for licensing purposes.  The unique ID keeps changing and removing the license for each computer.  According to the app publisher, this would be an indication of the mac address changing.

So I'm curious if there are any features in the Sophos endpoint suite that might be spoofing or hiding the true mac address, or maybe the software is working between the OS and the NIC?  maybe its creating a virtual nic?  I'm only guessing, wondering if anyone has any insight on this.

 

thanks in advance!



This thread was automatically locked due to age.
Parents
  • Hi Zane,

    "or maybe the software is working between the OS and the NIC" our Web control does rely on LSP and WFP to proxy the web traffic for scanning.

    The most time saving option here would be to raise a case with the said app - maybe they must've seen this with other AV vendors(if AV really is the cause). The only advise I can give you apart from this is to follow - https://community.sophos.com/kb/it-it/118563 and https://community.sophos.com/kb/de-de/120448 to isolate the component which may be causing - if Sophos indeed is a cause behind this.

    Thanks,

    Vikas

  • VikasSingh said:

    Hi Zane,

    "or maybe the software is working between the OS and the NIC" our Web control does rely on LSP and WFP to proxy the web traffic for scanning.

    The most time saving option here would be to raise a case with the said app - maybe they must've seen this with other AV vendors(if AV really is the cause). The only advise I can give you apart from this is to follow - https://community.sophos.com/kb/it-it/118563 and https://community.sophos.com/kb/de-de/120448 to isolate the component which may be causing - if Sophos indeed is a cause behind this.

    Thanks,

    Vikas

     

     

    I don't know for certain that Sophos is the cause.  I don't even have anything making me think that it might be.  I'm just asking if there is a possibility that the Sophos software is spoofing a mac address or anything similar that someone may be familiar with.  I'm grasping at straws trying to figure out this issue.

     

     

    thanks

Reply
  • VikasSingh said:

    Hi Zane,

    "or maybe the software is working between the OS and the NIC" our Web control does rely on LSP and WFP to proxy the web traffic for scanning.

    The most time saving option here would be to raise a case with the said app - maybe they must've seen this with other AV vendors(if AV really is the cause). The only advise I can give you apart from this is to follow - https://community.sophos.com/kb/it-it/118563 and https://community.sophos.com/kb/de-de/120448 to isolate the component which may be causing - if Sophos indeed is a cause behind this.

    Thanks,

    Vikas

     

     

    I don't know for certain that Sophos is the cause.  I don't even have anything making me think that it might be.  I'm just asking if there is a possibility that the Sophos software is spoofing a mac address or anything similar that someone may be familiar with.  I'm grasping at straws trying to figure out this issue.

     

     

    thanks

Children