Ok, i am part of a LAN that connects to the internet. The server assigns me a IP which i believe is static because it is the same everytime. What information is sent from my computer to the server? Is it possible for them to track down my computer based on not where i connect but from the info that is sent to determine my IP? Is my proccesor id or network card info sent? What makes my computer unique? Sorry if this is too basic.
Each NIC has a MAC address which is unique to it. It is permanently burned to the board, so it (sort of) is always associated with your computer. The DHCP server, the server that dynamically assigns IP addresses, only knows the mappings of those MAC addresses to the IP addresses it assigns. It's also likely that if your IP address is static, that an entry has been made in the server associating that MAC with the IP addressing and reserving it just for you. The MAC address is all I need to track your computer down in a switched environment. If you want to tell if you have a static IP address or not, issue the command in command prompt ipconfig /all. There will be a part of the output that says whether your DHCP is enabled or not.
Of course there are ways around being detected like this, but that's another discussion in and of itself.
THanks for your help,
the DHCP is enabled so the IP is static. If i buy a new NIC then my MAC would be different but if it was persay changed by software, i think it is called "spoofed" then the network would think it was a different computer. Is that legal? Are progrems like SMAC legal and reliable? What is an acceptable MAC and what one would i use if I wanted to since they have to do with the manufacturer serial number?
THanks for your help,
Is that legal? Are progrems like SMAC legal and reliable?
I'm not sure if the word "legal" is the right word as I'm sure there is no specific legislation relating to MAC address spoofing. I think "acceptable" or "legitimate" may be more appropriate. There can be legitimate reasons for changing your MAC address such as:
1. If your Cable provider allows only one MAC address and you want to swap between two PCs.
2. Security/network troubleshooting.
However, if you are part of a network, you may want to check that you are not violating the terms of any agreements you may have entered into. Also you want to make sure that you do not use a MAC address that is already assigned to another NIC on your LAN otherwise you will have conflicts.
I hopes this answers the question on the legality of MAC spoofing software. With regards to useful tools or methods, SMAC is good if you want to pay for it, or you can check out this page
, which describes how to change the MAC address for different operating systems and also contains a link to a free Windows utility, called MacShift
Any 12 digit hexdecimal number is acceptable as a MAC address apart from all 0s and those specified in this link
. In addition, if you want to find out which manufacturer has made a particular card, you can enter the MAC address into this database
Very informative thank you,
This is an interesting topic. What kind of conflicts occur if there are two identical MACs? Should your MAC match your NIC's vendor serial number(the first 3 hex) or can i just try any of various vendors and their coordinating numbers? Of course, excluding 00's and the other non useable numbers. THe MACshift looks very promising. I will be sure to try both it and SMAC. I find it very suspicious that the only means to verify the identity of a computer is a MAC address that can be so easily changed.
Identical MAC addresses in the same segment or subnet will cause you problems at the data link level (Layer 2). Your ARP entries will get messed up and communication will be severely affected. With regards to matching the vendor codes, I don't think you need to worry about that. Any valid (non-duplicate) MAC address will do.
The aim of MAC addresses is not really to identify computers in a security sense. Their primary use is to differentiate between network devices at the data link level and ensure that each device has a unique address. So the main thrust is one of unique addressing rather than security/authentication.