If you already know all this stuff, then bear with me. For anyone that doesn't know, this may be useful reading.
You will always have both an IP address and a MAC address tied to your machine while you are on your district's network. Otherwise, nothing could be routed to you. But you can prevent any information other than your IP and MAC address from being gleaned from your machine by configuring Mac OS X's built-in ipfw facilities and setting a couple of variables with sysctl.
First off, it is possible to change the MAC address of the built-in Ethernet interface from the command line with the ifconfig command. Some tools, however, use the MAC address to identify your machine, so you may want to write down your original MAC address so you can change it back if you run into any problems. To change the MAC address, type the following in the terminal:
sudo ifconfig en0 ether aa:bb:cc:dd:ee:ff
Where aa:bb:cc:dd:ee:ff is the MAC address you want to use in hex format. Bear in mind that when you do change your MAC address you will likely have to renew your DHCP lease.
Secondly, you can set up ipfw to close all common ports. Port scans can be used to glean all kinds of information from your machine, including what operating system it's running. While you can configure ipfw wholly through the Terminal, I would recommend downloading Brickhouse for sheer ease of use. Brickhouse will, by default, set up ipfw to block all incoming traffic on the most common ports. To prevent people from being able to ping your machine, you can use the 'Advanced' button in Brickhouse to disallow incoming ICMP traffic.
Once the firewall configuration is in place, you can enable logging to the system.log file with the following command in a Terminal:
sudo sysctl -w net.inet.ip.fw.verbose=1
Logging can be capped at a certain limit. To unlimit logging, use this:
sudo sysctl -w net.inet.ip.fw.verbose_limit=0
Thirdly, I would enable the TCP blackhole feature. Blackholing instructs the packet filter to drop all incoming traffic whose destination port has no listening socket. Basically, if you don't have a service running that is listening on a port, all traffic to that port is completely ignored regardless of your ipfw configuration. To enable the TCP Blackhole, use the following command in the Terminal:
sudo sysctl -w net.inet.tcp.blackhole=1
Fourthly, I would use SSH for as much communication over the network as possible. SSH isn't just limited to remote shells, secure ftp, and secure copying. You can use SSH to tunnel other services over an encrypted channel. To set up an SSH tunnel, use the following command in a Terminal:
ssh -N -C -c 3des (ssh server) -L (local port)/(remote host)/(remote port)
This command is a little complicated to use and understand. So, let's break it down. My local library has their own closed wireless network that is open to anyone who walks into the building with an 802.11-enabled laptop. Being a closed network, you can only access machines that are on the library local network, and the central university Solaris servers (strauss). I really want to access a website (slashdot.org) that is outside of the university's network, but because of the closed nature of the library's network, I can't. That is, without a tunnel. So, in my case I might use a command like:
ssh -N -C -c 3des esheep@strauss -L 8099/slashdot.org/80
Breaking this down:
esheep@strauss: strauss is the server that I can ssh into, and that also has access to the outside world. I'm going to use strauss as a sort of stepping-stone to get out of the closed library network and into the web.
8099/slashdot.org/80: 8099 is the local port number. I'll explain that later. slashdot.org is the remote server that I really want to access, and the port on slashdot.org that I want to access is port 80 (HTTP).
The local port number I mentioned is the port I'm going to access on my own machine to get to strauss.org. So, once the tunnel is established, I can open up Safari and type the address "http://localhost:8099" in the address bar, and when I hit enter: BAM! I'm taken to slashdot.org. If you are thinking that the ipfw configuration you set up earlier might block this because you are accessing an open port on your machine, you should know that ipfw allows all traffic through 'localhost', also called the loopback device. So, even if you have port 8099 firewalled on your network connection, you can still access it through the loopback.
Feel free to use whatever local port number you want when setting up your tunnels, but you should use ports higher than 1024.
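To make use of the ipfw logging enabled earlier, here is an added example (not part of the original post) that summarises denied packets per source and lists the sources that were refused on several distinct ports, which is the pattern a port scan leaves in the log. The function names, the sample lines and the assumed log line layout are illustrative assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Assumed log line layout:
#   <date> <host> kernel: ipfw: <rule> <action> <proto> <src>:<port> <dst>:<port> in via <if>

# scan_sources MIN_PORTS  (reads log lines on stdin)
# Prints "<source-ip> <distinct-dest-ports> <denied-packets>" for every source
# that was denied on at least MIN_PORTS different TCP/UDP ports, sorted by IP.
scan_sources() {
    awk -v min="$1" '
        / ipfw: / {
            # Find the "ipfw:" tag; rule, action, proto, src, dst follow it.
            for (i = 1; i <= NF; i++) if ($i == "ipfw:") break
            if ($(i + 2) != "Deny") next
            proto = $(i + 3)
            if (proto != "TCP" && proto != "UDP") next  # ICMP entries carry no ports
            src = $(i + 4); sub(/:[0-9]+$/, "", src)    # drop the source port
            port = $(i + 5); sub(/^.*:/, "", port)      # keep the destination port
            denied[src]++
            if (!((src, port) in seen)) { seen[src, port] = 1; ports[src]++ }
        }
        END {
            for (s in ports) if (ports[s] >= min) print s, ports[s], denied[s]
        }' | sort
}

# Constructed sample lines, using documentation address ranges.
sample_log() {
    cat <<'EOF'
Mar  3 10:01:01 mymac kernel: ipfw: 2000 Deny TCP 192.0.2.10:40001 198.51.100.5:21 in via en0
Mar  3 10:01:01 mymac kernel: ipfw: 2000 Deny TCP 192.0.2.10:40002 198.51.100.5:22 in via en0
Mar  3 10:01:02 mymac kernel: ipfw: 2000 Deny TCP 192.0.2.10:40003 198.51.100.5:22 in via en0
Mar  3 10:01:02 mymac kernel: ipfw: 2000 Deny TCP 192.0.2.10:40004 198.51.100.5:23 in via en0
Mar  3 10:01:03 mymac kernel: ipfw: 2000 Deny UDP 192.0.2.10:40005 198.51.100.5:161 in via en0
Mar  3 10:01:04 mymac kernel: ipfw: 2100 Deny ICMP:8.0 192.0.2.10 198.51.100.5 in via en0
Mar  3 10:02:10 mymac kernel: ipfw: 2000 Deny TCP 192.0.2.77:51000 198.51.100.5:445 in via en0
Mar  3 10:02:11 mymac kernel: ipfw: 2000 Deny TCP 192.0.2.77:51001 198.51.100.5:445 in via en0
Mar  3 10:03:00 mymac kernel: ipfw: 1000 Accept TCP 192.0.2.50:52000 198.51.100.5:22 in via en0
EOF
}

# Sources denied on three or more distinct ports.
sample_log | scan_sources 3
```

On the machine itself, feed it the log that the verbose setting writes to, for example `scan_sources 3 < /var/log/system.log`.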