IP Address and Mac address??

I hope I'm posting this in the correct place. I have been reading at Wilders for several days to try an educate myself. I realize the question I am going to ask is very basic but here it is.

What is the difference between the IP address of a computer and the Mac address of a computer
Is the Mac address of a computer associated with its NIC
When you are surfing on the internet with a cable modem directly hooked up to a computer what info is seen to the isp. Is it the Mac address or the IP or both??

Any help would be greatly appreciated.

 

Yes, the MAC address is associated with the NIC. The MAC address does not change unless it is spoofed. The IP address is the address assigned to you as either a static address or a DHCP server will assign you a dynamic one depending on the network you are connected to.

If you are directly on the internet with a cable modem the ISP will have both. They assigned you the IP address based on your MAC address (of at least the modem, some require you provision your router/NIC MAC with them to connect.

Is there something particular you are trying to accomplish, or just looking for some general info?

 

Thanks xxJackxx for your help. Ok so your saying that the ISP will see at least the cabler modem Mac and could possibly see your computers Nic Mac address.

What I am trying to figure out how anonymous a modded cable modem is?

 

I'm sure someone with more experience on the subject will chime in at some point, but, from my understanding on a cable network they must have your MAC address to provision the modem to connect at all. So I can't really see being able to make one anonymous.

 

Thanks again for your reply xxJackxx.
Ok. I think I understand. I have seen modded cable modems that you can connect directly to any computer and they will work so if they are provisioned then the cable modem should only work with one computer

 

Almost all network capable devices have a MAC address, including NICs as well as routers/modems and even newer dvd players, and other devices too.

I think it stands for Media Access Control, but not sure if I remember that correctly.

You may note that in some routers you have the option of cloning the MAC address. This is done so that your router can use your computers MAC instead of its own. If a firewall or other feature is implemented somewhere, you can then have your computers MAC address being displayed on the remote site rather than the routers MAC.

AFAIK a MAC address is not routable, meaning if your computers MAC address of the NIC is 12345 and the routers is 67891, endpoints will only see 67891.

There can be a lot of uses for a MAC address. I have sometimes used a firewall based on MAC address rather than IP because that way it won't matter if DHCP is used or not. As mentioned you must worry about MAC spoofing, but one would have to know an approved MAC to spoof, thus it can be a robust method and easier to use in certain situations.

Sul.

 

Thanks Sully for your response. I understand the meaning of not routable and the example you gave. Thanks.
As for the approved Mac to spoof you must have a valid Mac to spoof.

Thanks for explaining this as I always wondered how it worked and what exactly the cable isp could see about the computer your using and what other info the cable Isp could ascertain about your computer and who you are??

 

Thank you Eagle Creek for your help.

So if I understand what you have said that they can see only unencrypted info over the net. So if someone uses a Modded cable modem with say a VPN service then there is no way for them to see the information.

Or I guess you can have a dedicated cable modem directly connected to a dedicated computer and if you watch how you surf, no email web sites or sites that can directly expose who you are, then you should be safe.

 

Thanks Eagle Creek for the info. I'll do some more reading. There is a lot of good info on this site.

Appreciate your help.

 

The ISP knows, afaik, your: MAC address (whether it's the router's or NIC's), ip address, O/S, browser, language choice, and where you are surfing, including remote ip addresses and ports. This is enough to get one in hot water if they're involved in Internet activity of criminal nature, a court order is issued to the ISP to collect this info, and the law enforcement agency uses it to pursue charges against the individual. Your employer is more than likely monitoring and logging your surfing habits as well off the company machines. In this latter case, as long as you follow their Internet use policy, you should be okay.

part of what's in a Wireshark outbound HTTP GET packet...

Code:

Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Ubuntu/10.10 Chromium/9.0.597.84 Chrome/9.0.597.84 Safari/534.13

 

The browser UA is the least of your worries. Every webserver on the internet you connect to sees it and most log it, an ISP only if they do DPI.
It's easily spoof-able and isn't of much use to id you if used alone (browser fingerprinting on the other hand is very effective, see panopticlick).

The biggest danger of UAs is when they are used by malicious websites for drive-bys and exploits against your particular browser and OS combination.