I'm surprised nobody's mentioned the magic letters that make all the difference when dealing with MAC addresses: A, R, and P. (Address Resolution Protocol.)

Disclaimer: networking isn't my field. Take this node with a pillar of salt.

ARP is used on Ethernet networks to map between 32-bit IP (Internet) addresses and 48-bit MAC (hardware) addresses; it's how the router figures out that, hey, 209.foo.bar.baz is this computer, not that one. The short version, IIRC, is that the router, upon receiving a packet to 209.foo.bar.baz, broadcasts an ARP packet to its local Ethernet, saying "Hey, which network interface is 209.foo.bar.baz?" The appropriate computer is supposed to reply with another ARP packet, saying "I am, and my MAC address is 00:00:aa:bb:cc:dd" The router caches that MAC address, and sends all packets addressed to 209.foo.bar.baz to the local MAC 00:00:aa:bb:cc:dd.

(I think. I'm skimming TCP/IP Illustrated vol. 1 as I write this, but there's no guarantee that I'm properly interpreting everything.)

So to spoof a MAC address, you need to come up with the "Hey, I'm 209.foo.bar.baz" packet on the local net. The problem is, ARP is usually handled by the network card driver. On the other hand, you may be able to hook into a firewall/packet filtering program to spoof ARP packets.

ARP is described in RFC 826.

Of course, all this really lets you do is spoof multiple IPs from a single MAC address. To set MAC addresses, I direct you to the arp(8) man page on 4.3BSD and later Unix systems, or to Google for others. (There seems to be an arp command on Windows 2000, according to my Google search; not having Win2k, I wouldn't know.)

I suspect that it's easier to make system calls (to such beasts as ifconfig and arp) inside a Perl script than it is to forge packets and mung hardware MAC addresses via Perl modules.

--
:wq