I have couple questions regarding MAC address changes:
1) When we change the MAC address, it will change the firmware of NIC, or just temporary change? My observation is just temporary change.
2) Do you think changing MAC address can secure the machine more? I mean at least hackers cannot keep track on the machines that easily? Well, maybe hackers should use IP address, but my observation is that when I change the MAC address, IP address will change as well.
3) I try it myself, when I change the MAC address, it will change the IP address as well. IP address is assigned by ISP, maybe ISP assigns the IP address based on the MAC address of the machine as well? MAC address identifies the network card, and IP address identifies the computer on the internet.
IMHE, changing your MAC address is a useless method of providing security, and can cause worse problems. # It is a form of Security by Obscurity.
# The MAC address is the lowest level identity in networking. See OSI model to understand this ( for example). You absolutely must have a unique MAC address on all networked devices. If you go changing this identity element, and cause a conflict, you could cause yourself and other people grief. # If you change your MAC address in an attempt to change your IP address on a public Internet service, you could cause pain for a few people, including another subscriber, and the ISP. Changing your IP address is another form of Security by Obscurity.
It makes no difference for security. MAC addresses are relevant only on the local network. They are discarded as soon as your packets pass through a router.
The ISP doesn't assign an IP address based on the MAC address. It assigns a new address to what appears to be a new computer. It won't reassign the previous one, until the lease expires.
1) The MAC address will/should be changed permanently in the firmware. You need to do this only in special cases, especially when your Internet service provider instructs you do this!
2) NO! The MAC is not a security service. Whenever the MAC changes, the network card is told to be a different unit and another IP address is issued. Use a firewall.
3) See complete description of answer 2. MAC address identifies the PC to the network. ISP DHCP service locates new MAC address on their systems. IP address does not identify your PC to the Internet. IP address provides the "signals" so that your PC can "talk" with the Internet. The IP addresses identifies your ISP only.
What happens if you change it, and cause a conflict with another ISP customer? Some ISPs that do dynamic addressing hash the MAC address to derive IP address.
BTW, posting your email address openly will get you more unwanted email, than wanted email. Learn to munge your email address properly, to keep yourself a bit safer when posting to open forums. Protect yourself and the rest of the internet - read this article.
And if you try to connect using a MAC address currently in use by another customer, what happens? If you appear to be an already known customer (previously seen MAC address), will it assign the same IP address, will it declare that IP address in use and assign another address, or wilt it declare an unidentified problem and maybe disconnect both instances of the same MAC address?
No, I don't see how just changing the MAC address makes much difference. Since the ISP only controls a range of IP addresses, all a hacker needs to do is ping everyone of them, and try to penetrate those that respond. This method would work whether you changed the MAC address or not.
Perhaps they do. However, this is merely security by obscurity. Jim
There are three MAC addresses that you can control. Kindly specify which one you want to play with.
The WAN side MAC address. This is what the ISP uses to assign an IP address for the ARP table. Every time you change this MAC address, the DHCP server thinks it's a new computer and will assign a new IP address. This will drive your ISP nuts. If you duplicate a MAC address in use at the ISP, your traffic will either stop or get screwed up. It will also trigger an alarm if they have arpwatch or some other duplicate MAC/IP address daemon running.
The MAC address of your computer on your LAN assuming you have a router. This can be temporarily changed with a registry tweak. It does nothing useful as this MAC address is not seen on the internet. Changing it will temporarily screw up your LAN ARP table but that can be fixed with: apr -d your_LAN_IP_address
The MAC address of the wireless access point in side your wireless router. This will cause some confusion to attackers as programs such as Netstumbler will think there are multiple access points. However, the same thing will happen to valid wireless users.
Ummm.... none that I know about.
Have you verified that as true? I have 3 mailboxes that I have used since the stone age of the internet (when it was all Usenet, there was no web, and everything ran on Telebit modems with UUCP). I have never bothered to mung, mutilate, or otherwise hide my email addresses. I get no more junk email than any of my friends and accomplises that go through rediculous exercises to avoid the spammers. If you want to get rid of spam, start here:
Yup. And the smaller they are (but not zero), the longer it's gonna take your typical clueless ISP support staff to realise that that's the cause of the problem!
What James means is that all Network Interface Cards that can talk _DIRECTLY_ to each other need to be unique. On your LAN, that means all hosts on "this" side of the router. There is nothing wrong with having the identical MAC address on the "other" side of the router. In a Sun workstation, _all_ network interfaces have the same MAC address (it's determined by a parameter in the equivalent of the BIOS on the motherboard, _not_ the network card). So, I've got a Sun box with three network interfaces (to three different subnets) and they all have the same MAC, though "different" IP addresses like
192.0.2.35/24 on hme0, 198.18.10.35/24 on hme1, and 198.18.24.35 on hme2.
Cite please. (Honest and true - no one uses a hash of the MAC, because of the way MAC addresses are allocated, verses the size of an IP subnet.) Just for jollies, as of the first of this month, there are 8643 OUI assignments (the top 24 bits of the MAC address). These are scattered in a semi-haphazard way from 00:00:00: which is assigned to Xerox, to AC:DE:48: which is assigned to a private entity. The assignment of the lower 24 bits of the MAC address are totally at the pleasure of the assignee - if they want to start at :00:00:00 and increment up or at :FF:FF:FF and work down - or both, or something else entirely, that's fine with the IEEE. All they care is that you don't duplicate an address (although that has happened on a lot more than one occasion).
What you may be thinking is 'pre-assigned' addresses in DHCP, where the poor sod who has to configure that abomination manually assigned a MAC:IP address combination in the configuration file. Thus, when a host with MAC address of 08:00:20:E7:54:8A comes up, the DHCP server knows that this host is to get "that" address, and no one else.
Hi, Your ISP may expect your old MAC address. Some ISP wants one registered MAC address all the time. Talked to your ISP tech support? My ISP does not care about MAC address. Tony
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.