- Posts: 242
- Thank you received: 0
I read your tutoral on MAC addresses but I still don't under
21 years 1 month ago #1338
by Jack
Jack Burgess,
Firewall.cx Staff
News Editor / Forum Moderator
www.jacksjunk.com
Replied by Jack on topic Re: I read your tutoral on MAC addresses but I still don't under
In a nut shell, the MAC address is hard coded (burnt into) the NIC (Network Interface Card). Every NIC has its own MAC address. It’s the physical ID of that NIC and they are as unique as your fingerprints are.
If you hack or connect to me, some of the info you leave behind on my logs are your IP and MAC address. Of course I can obtain your MAC with out you connecting to my box by other means.
If you engage in illegal activity and the police take your computer this is one of many ID’s they will look at. To change your MAC you will need a new NIC or do MAC spoofing. I have not tried but I was advised that XP can MAC spoof?
Of course I’m not instructing you to spoof or engage in any illegal activities.
If you attempt to educate yourself on spoofing then you should always have a test network or VMWare to practice.
Hope this has helped some.
If you hack or connect to me, some of the info you leave behind on my logs are your IP and MAC address. Of course I can obtain your MAC with out you connecting to my box by other means.
If you engage in illegal activity and the police take your computer this is one of many ID’s they will look at. To change your MAC you will need a new NIC or do MAC spoofing. I have not tried but I was advised that XP can MAC spoof?
Of course I’m not instructing you to spoof or engage in any illegal activities.
If you attempt to educate yourself on spoofing then you should always have a test network or VMWare to practice.
Hope this has helped some.
Jack Burgess,
Firewall.cx Staff
News Editor / Forum Moderator
www.jacksjunk.com
21 years 4 weeks ago #1346
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: I read your tutoral on MAC addresses but I still don't under
First off... the mac address is the layer 2 address.. as opposed to the layer 3 ip address.. I don't know why you'd want to log a mac address unless you're on the same subnet as the guy who's attacking you ! The source mac address will change to that of the last router that it went through.. have a look if you haven't understood
www.eventhelix.com/RealtimeMantra/Networking/ip_routing.htm
That packet has been juggled around with lots of routers stripping the frame and changing it to represent their source address. Thats why you log the layer 3 address, because it never changes in the packet.
As far as spoofing a mac address I'm pretty sure nemesis can inject packets with the data link header prewritten.. though frankly I've never done this, it would only be meaningful if you spoofed the IP address.. and then seeing the return packets would mean you'd have to sniff for them.... thus you'd have to be on the same subnet (network segment).
I hope I made my point, its early in the morning and I need some coffee.
Cheers
www.eventhelix.com/RealtimeMantra/Networking/ip_routing.htm
That packet has been juggled around with lots of routers stripping the frame and changing it to represent their source address. Thats why you log the layer 3 address, because it never changes in the packet.
As far as spoofing a mac address I'm pretty sure nemesis can inject packets with the data link header prewritten.. though frankly I've never done this, it would only be meaningful if you spoofed the IP address.. and then seeing the return packets would mean you'd have to sniff for them.... thus you'd have to be on the same subnet (network segment).
I hope I made my point, its early in the morning and I need some coffee.
Cheers
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Time to create page: 0.138 seconds