Something like the current Unix timestamp plus the 3rd and 6th octets
of the source's MAC would give a decent sized number and would not
contain enough information to necessarily give away the identity of
whoever is initiating the connection. Though I guess the collision
rate for that might be less than optimal.