IP Address and Mac address??

Discussion in 'other security issues & news' started by blusky, Feb 5, 2011.

Thread Status:
Not open for further replies.
  1. blusky

    blusky Registered Member

    Joined:
    Jan 29, 2011
    Posts:
    15
    I hope I'm posting this in the correct place. I have been reading at Wilders for several days to try an educate myself. I realize the question I am going to ask is very basic but here it is.

    What is the difference between the IP address of a computer and the Mac address of a computero_O
    Is the Mac address of a computer associated with its NICo_O
    When you are surfing on the internet with a cable modem directly hooked up to a computer what info is seen to the isp. Is it the Mac address or the IP or both??

    Any help would be greatly appreciated.
     
  2. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,050
    Location:
    USA
    Yes, the MAC address is associated with the NIC. The MAC address does not change unless it is spoofed. The IP address is the address assigned to you as either a static address or a DHCP server will assign you a dynamic one depending on the network you are connected to.

    If you are directly on the internet with a cable modem the ISP will have both. They assigned you the IP address based on your MAC address (of at least the modem, some require you provision your router/NIC MAC with them to connect.

    Is there something particular you are trying to accomplish, or just looking for some general info?
     
  3. blusky

    blusky Registered Member

    Joined:
    Jan 29, 2011
    Posts:
    15
    Thanks xxJackxx for your help. Ok so your saying that the ISP will see at least the cabler modem Mac and could possibly see your computers Nic Mac address.

    What I am trying to figure out how anonymous a modded cable modem iso_O?
     
  4. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,050
    Location:
    USA
    I'm sure someone with more experience on the subject will chime in at some point, but, from my understanding on a cable network they must have your MAC address to provision the modem to connect at all. So I can't really see being able to make one anonymous. :doubt:
     
  5. blusky

    blusky Registered Member

    Joined:
    Jan 29, 2011
    Posts:
    15
    Thanks again for your reply xxJackxx.
    Ok. I think I understand. I have seen modded cable modems that you can connect directly to any computer and they will work so if they are provisioned then the cable modem should only work with one computero_O
     
  6. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Almost all network capable devices have a MAC address, including NICs as well as routers/modems and even newer dvd players, and other devices too.

    I think it stands for Media Access Control, but not sure if I remember that correctly.

    You may note that in some routers you have the option of cloning the MAC address. This is done so that your router can use your computers MAC instead of its own. If a firewall or other feature is implemented somewhere, you can then have your computers MAC address being displayed on the remote site rather than the routers MAC.

    AFAIK a MAC address is not routable, meaning if your computers MAC address of the NIC is 12345 and the routers is 67891, endpoints will only see 67891.

    There can be a lot of uses for a MAC address. I have sometimes used a firewall based on MAC address rather than IP because that way it won't matter if DHCP is used or not. As mentioned you must worry about MAC spoofing, but one would have to know an approved MAC to spoof, thus it can be a robust method and easier to use in certain situations.

    Sul.
     
  7. blusky

    blusky Registered Member

    Joined:
    Jan 29, 2011
    Posts:
    15
    Thanks Sully for your response. I understand the meaning of not routable and the example you gave. Thanks.
    As for the approved Mac to spoof you must have a valid Mac to spoof.

    Thanks for explaining this as I always wondered how it worked and what exactly the cable isp could see about the computer your using and what other info the cable Isp could ascertain about your computer and who you are??
     
  8. Eagle Creek

    Eagle Creek Global Moderator

    Joined:
    Jul 27, 2004
    Posts:
    734
    Location:
    The Netherlands
    Not that much.

    In theory (and for example in The Netherlands in practice) they can monitor and log every bit that enters and leaves your modem (including e-mails). This means can access any information you send unencrypted over the net. As far as I know, however, they always need a court order in order for them to hand over the information to the authorities, ánd aren't they allowed to access the data themselfs.

    However, that data has already left your modem. If you have, for example, personal information at your computer which wasn't sent over the internet, your ISP can't access that.

    Although it's always a good advice to have a firewall installed and configured, actually accessing your computer and reading files etc. is most often considered hacking and not something your ISP would do.

    All of this has not many to do with IP or MAC addresses though. As said, a MAC address is just a physical address for your network devices to communicate with each other, and an IP address is used to communicate over the internet. If someone has access to your network (let’s say your ISP can remotely read information from your modem), then they would also have information about IP’s and MAC’s active in your network. But that information alone, isn’t all that useful.
     
  9. blusky

    blusky Registered Member

    Joined:
    Jan 29, 2011
    Posts:
    15
    Thank you Eagle Creek for your help.

    So if I understand what you have said that they can see only unencrypted info over the net. So if someone uses a Modded cable modem with say a VPN service then there is no way for them to see the information.

    Or I guess you can have a dedicated cable modem directly connected to a dedicated computer and if you watch how you surf, no email web sites or sites that can directly expose who you are, then you should be safe.
     
  10. Eagle Creek

    Eagle Creek Global Moderator

    Joined:
    Jul 27, 2004
    Posts:
    734
    Location:
    The Netherlands
    Well, I'm not 100% sure about the techniques that are out there and the laws the governments make. I do know there are devices for network administrators that claim to be able to decrypt SSL traffic on the fly.
    If that's true, I'm sure providers are able to incorporate those techniques into their network. If they do, I don't know..

    I would say 'encryption = safe for sure', but there's no such thing as 100% secure. In general I would say using a VPN is safe. Or something like the TOR network.
     
  11. blusky

    blusky Registered Member

    Joined:
    Jan 29, 2011
    Posts:
    15

    Thanks Eagle Creek for the info. I'll do some more reading. There is a lot of good info on this site.

    Appreciate your help.
     
  12. wat0114

    wat0114 Guest

    The ISP knows, afaik, your: MAC address (whether it's the router's or NIC's), ip address, O/S, browser, language choice, and where you are surfing, including remote ip addresses and ports. This is enough to get one in hot water if they're involved in Internet activity of criminal nature, a court order is issued to the ISP to collect this info, and the law enforcement agency uses it to pursue charges against the individual. Your employer is more than likely monitoring and logging your surfing habits as well off the company machines. In this latter case, as long as you follow their Internet use policy, you should be okay.

    part of what's in a Wireshark outbound HTTP GET packet...

    Code:
    Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Ubuntu/10.10 Chromium/9.0.597.84 Chrome/9.0.597.84 Safari/534.13
     
  13. katio

    katio Guest

    The browser UA is the least of your worries. Every webserver on the internet you connect to sees it and most log it, an ISP only if they do DPI.
    It's easily spoof-able and isn't of much use to id you if used alone (browser fingerprinting on the other hand is very effective, see panopticlick).

    The biggest danger of UAs is when they are used by malicious websites for drive-bys and exploits against your particular browser and OS combination.
     
Loading...
Thread Status:
Not open for further replies.