Discussion in 'privacy general' started by rubberducky, Dec 16, 2009.
Can a web master or your ISP find out the MAC Address of your Ethernet Card?
If you are connected by DSL, then they can for sure, unless your modem has its own MAC.
I have read here on Wilders that your MAC address cannot be seen over the internet. I think XB Steve said it was like trying to breathe in outer space. It's just not available to websites, etc...
Of course, both can do that. The website can also easily do reverse engineering through Java applets or other external plugins in web browsers.
Here is an example: MAC Address lookup
The answer to the general question is no. Just no way. The danger in MAC addresses is having router/WAP/logs match your MAC address if there was a criminal investigation. But it is not transmitted over the internet.
duk, the above is for somebody doing this with their own computer. As in "What Is My IP?" except it's a "What Are My MACs?"
If it is not transmitted over the internet then how can the website read it back to you? ...as in the above example.
That website is using Java to get the info from your PC.
Your MAC address is sent out with packets, but it only goes as far as the first hop.
The easiest way to explain is if you think of a router. A router uses NAT which translates the internal private IP into the external WAN IP. The router also translates the MAC address, from private (the PC) into its own MAC address. If you connect directly to the Internet through, for example, cable, then you will be connecting through your ISP's gateway, so your MAC address will reach there, but then the MAC address in the header info of the packets is translated to the MAC address of the gateway before they are sent on (this translation happens at each hop going out, then at each hop coming back).
An easy way to see this translation of MAC address is to simply sniff (capture packets) while you are browsing. All the returned packets will have the same MAC address; it will be the MAC address of the last hop before reaching your PC.
Okay, not naturally by the network architecture, it is obvious, as is done with our IP Address. But what I tried to show is that it can be done so through reverse engineering, which only depends on the imagination of the attacker (ISP, website, authorities...), even remotely and not locally.
The question was only if the web master or the ISP can find out the MAC Address. My answer is still yes (as it was not specified how or where).
ISP ? Quite possibly.
My ISP assigns IP addresses to routers based on their MAC.
I suppose it depends on their way of doing things, and on the modem/ISP configuration.
NOBODY OUTSIDE YOUR LAN CAN SEE YOUR COMPUTER'S MAC ADDRESS. PERIOD.
Your ISP can see your cable / dsl modem's MAC on the first hardware device they control, such as the domain router or neighborhood switch, because that is an ARP domain between your cablemodem and the ISP's domain router. After that, it does not see the cablemodem MAC, because it is outside the ARP domain. The ISP cannot ever see your computer's MAC address.
A MAC address is not transmitted outside of an ARP domain (ex: the link between two physically connected network devices).
Your Computer <--> CableModem <--> ISP's Domain Router <--> ISP's Border Router <--> Internet Router
All non-transparent network devices have a MAC address. Only the devices immediately on either side of a <--> can see the other's MAC address. "Your Computer" can see your CableModem's MAC address, and vice versa. "Your Computer" cannot see "ISP's Domain Router" 's MAC address, and vice versa.
The people who worry about MAC addresses are typically those who are trying to steal service from an ISP. Your computer's MAC address does not track you, as access to it is insulated by your network access hardware (cablemodem, etc). Analogy: You're not worried about the internet stealing your fingerprints because they are only exposed to your keyboard, and don't go any further.
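As an added illustration (not part of any post in this thread), the Python sketch below models the per-hop behaviour described in the posts above: each router discards the incoming Ethernet header and writes a new one, so the source MAC changes on every link while the IP header travels on. It assumes every device in the chain is a layer-3 router (a modem that bridges is not a hop in this model), leaves out NAT, and uses constructed locally administered MACs and documentation IP ranges.

```python
import socket
import struct
from collections import defaultdict

def mac(text):
    """'02:00:00:00:00:01' -> 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))

def build_frame(src_mac, dst_mac, src_ip, dst_ip, ttl=64):
    """Ethernet II header + minimal IPv4 header (checksum left at 0 in this sketch)."""
    eth = mac(dst_mac) + mac(src_mac) + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return eth + ip

def parse_frame(frame):
    """Extract the layer-2 and layer-3 addresses visible on one link."""
    dst, src, _ethertype = struct.unpack("!6s6sH", frame[:14])
    return {"src_mac": src.hex(":"), "dst_mac": dst.hex(":"), "ttl": frame[22],
            "src_ip": socket.inet_ntoa(frame[26:30]),
            "dst_ip": socket.inet_ntoa(frame[30:34])}

def route(frame, out_mac, next_hop_mac):
    """One layer-3 hop: drop the old Ethernet header, decrement TTL, re-frame."""
    ip = bytearray(frame[14:])
    ip[8] -= 1  # TTL is byte 8 of the IPv4 header
    return mac(next_hop_mac) + mac(out_mac) + struct.pack("!H", 0x0800) + bytes(ip)

def trace(frame, hops):
    """Parsed view of the packet on each link along the path."""
    views = [parse_frame(frame)]
    for out_mac, next_hop_mac in hops:
        frame = route(frame, out_mac, next_hop_mac)
        views.append(parse_frame(frame))
    return views

def macs_seen(frames):
    """Group source IPs by source MAC, as a capture taken on the PC would show."""
    seen = defaultdict(set)
    for f in frames:
        view = parse_frame(f)
        seen[view["src_mac"]].add(view["src_ip"])
    return dict(seen)

# Constructed sample values (hypothetical devices, not taken from the thread).
PC, GW_LAN, GW_WAN, ISP_IN, ISP_OUT, BORDER = (f"02:00:00:00:00:0{i}" for i in range(1, 7))
OUTBOUND = trace(build_frame(PC, GW_LAN, "192.0.2.10", "198.51.100.7"),
                 [(GW_WAN, ISP_IN), (ISP_OUT, BORDER)])
INBOUND = macs_seen([build_frame(GW_LAN, PC, ip, "192.0.2.10")
                     for ip in ("198.51.100.7", "203.0.113.5", "203.0.113.9")])
```

`OUTBOUND` lists what is visible on each successive link, and `INBOUND` shows that replies from three different remote IPs all arrive with the gateway's MAC as their source.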
That is certainly incorrect with my ISP/setup.
My cable modem has 2 MAC addresses, one for itself and one learned (which is my own gateway). While the cable modem is active, all packets from my gateway are directed to my ISP gateway MAC, not to the cable modem MAC.
So I see my ISP gateway MAC and they see mine.
Just worth mentioning.
Quite a few ISPs will bind your IP with your MAC address. Some will not even allow you to change your MAC address without permission. Some others, like my current ISP will allow a MAC address change, but when I change my MAC address, my IP also changes.
Steve you come up with some of the best analogies I have ever heard. You would make a really good teacher.
That is abnormal, and your ISP is cheating with custom hardware in your home. So what is going on is your ISP's gateway is running ARP and requires a special modem to break the rules so it can bridge an arp domain. What would happen if you used a standard cablemodem and matched the MAC address to your existing device ID, so it didn't share a mirrored MAC to the ISP's gateway router but still had authenticated access?
I cannot call it abnormal, as I have seen other ISPs with the same. However, I have had this modem/ISP for approx 6 years and my ISP no longer sends these out to new customers (they now send out wi-fi modem/router).
I can (and do) block all ARP to/from ISP gateway (use static entries) and connect with no issue. There is however a direct ARP request from ISP gateway every 3H-59m if no activity from my end (but I drop that).
I have never replaced the cable modem and found no reason to. But I cannot see any possible issue if I did.
I change my Gateway MAC address regularly, not for security reasons, just because I like to change my IP.
The ISP also runs an embedded private LAN (10.*.*.*) for cable TV.
Well, Steve, in my setup it's like this:
When I use my router in this configuration I get a different IP compared to a direct connection without the router.
I'm fairly certain that IPs are assigned to the MAC of the router (what else?).
I think that when not using the router, the IP is assigned by the modem/ISP.
So my guess is that my ISP doesn't check my ethernet card, but I'm not sure.
I presume the router, modem and the ISP 'communicate' to assign me an IP on the WAN side.
Couldn't this be caused by running a cable-modem in bridge-mode?
I know a lot of cable-modems that do only that.
But something tells me that bridge-mode only tells you something about the IP addresses and nothing about the ARP configuration itself.
With cablemodem ISPs, the IP address is assigned using the MAC address of the Cablemodem. With DSL modem ISPs, I think it can use a circuit ID or the MAC of the DSL Modem. With fiber, it is done by circuit ID. With WiMax, it is done by WiMax Modem MAC.
Well, I am on Cable, and I know it is my gateway MAC that is bound to my IP, not the modem MAC.
You really should check your info.
What device is acting as your gateway that is generating the MAC? Here they do have *some* gateway/modem combo devices, as well as standalone modems. I've seen this with AT&T DSL lines on occasion, but not on Qwest, Comcast, or Time Warner (US providers). Who is your provider?
I changed providers and found the above to be true.
My previous DSL provider had dynamic IP address assignment.
After joining my current provider, I noticed that my IP address was static so I complained. When asked, their tech support didn't give me a straight answer. After messing around with the router's MAC address, I found I could change the IP address assigned at will by changing the router MAC address.
We do a similar trick with NIC card MAC addresses because they do share an ARP domain to the gateway sometimes. We've seen this in Comcast cable. With Verizon fiber you have a direct circuit ID that connects the NIC/Home Gateway Router to the ISP's gateway router/switch. I'm going to have a protocol analyzer hooked up to some local DSL to see what it is. It may just be sharing hashes of the MACs or something else that is depending on the MAC. The bottom line is that *if* the ISP uses a device that forces to extend an ARP domain across the modem device to the gateway device, it *could* get the gateway's MAC, it *could* get the ethernet NIC card MAC, but the ISP is NOT running an ARP domain to the external internet so the internet can't get your MAC, and the ISP already knows who you are so sharing the MAC with them doesn't change much.
The best MAC changer I know of is SMAC, it will match the fake MAC address you choose with the right ethernet manufacturer. Apparently some of those MAC numbers identify the manufacturer of the card.
If you need a free MAC changer for Windows with fewer features you can try TMAC.
(Scroll down a little)... it's another good one w/database of manufacturers.
If a website cannot see your computer's MAC address, then what is being shown here? http://www.ipaddresslocation.org/find-mac-address.php