What Can Someone Do With Your Mac Address
What could someone do if they knew my MAC address?
Assuming someone knows my MAC ddress (someone inside my network or outside), could they exploit it or do some action on my behalf or any action that needs to be considered?
Because I have noticed some people on YouTube hide their MAC address.
techraf9, 03111 gold badges43 silver badges60 bronze badges
asked Jul 19 ’16 at 20:46
0
Your MAC address is your machine’s hardware address. This is mostly only important when an attacker is on the same network as you. At this point an attacker could do deauth attacks or intercept your traffic by posing as the networks router. However if an attacker is on or near your network is is trivial to get your MAC address. You can also change your MAC address as you please. The people trying to hide their MAC address likely do not fully understand networking and erroneously believe it to be a risk.
schroeder♦119k52 gold badges273 silver badges306 bronze badges
answered Jul 19 ’16 at 20:52
MAC addresses aren’t particularly sensitive, and are only available in your local network. The MAC address isn’t available once the traffic leaves your local area network, although if you’re using IPV6 your IP address may be based on the MAC address.
However, sometimes the MAC address is used, and embedded in the meta-data of some versions of Office products. An attacker might be able to identify you as the author of a document if he/she were to know your MAC address. This was true a number of years ago with Microsoft Office. I’m not sure if it’s still the case, or if any other files contain the MAC address as meta-data of the file creator.
answered Jul 19 ’16 at 21:51
Steve SetherSteve Sether21. 4k8 gold badges49 silver badges75 bronze badges
Someone on the same broadcast domain could direct traffic to their machine by announcing their IP address mapped to your MAC address and then forward on the traffic acting as MITM.
Of course, if all your traffic is encrypted, this is somewhat limited, but they still will see meta data e. g. the servers you are communicating with but not the content.
answered Jul 19 ’16 at 21:13
DarraghDarragh1, 0828 silver badges14 bronze badges
2
Already in the 1980s it was possible in the WDC-adapter drivers to replace the hardware MAC address with another address. So if I knew your MAC address and I saw that you left the subnet, I could pretend to be you (your computer), run a torrent server, send spam mails, threat mails, start hacking attempts, you name it. And on the next morning, it’s not the milkman who’s knocking on your door.
answered Jul 19 ’16 at 21:14
ott–ott–1281 gold badge1 silver badge9 bronze badges
4
Q: Is there any problem if i gave someone my wifi mac address
Jun 8, 2014 4:05 PM in response to Phenom95
In response to Phenom95
Probably not. The MAC address is a unique 12 character string assigned by the manufacturer. Unless your device has been granted access to some secure network based solely on its MAC address… giving it out should not be a problem. It is not common for network security to rely on MAC addresses.
Jun 8, 2014 4:05 PM
Jun 8, 2014 4:43 PM in response to Phenom95
Phenom95 wrote:
Is there any problem if i gave someone my wifi mac address??? Why do you want to do that in the first place?
Jun 8, 2014 4:43 PM
Jun 8, 2014 5:35 PM in response to Phenom95
The MAC (Media Access Control) address is unique for every ethernet or WiFi interface and is assigned when the chip is you send network packets over ethernet or WiFi, your MAC address is included in that message. It will be stripped off of the message at your router, and the body of the message will get a new router MAC address for the next hop. So you are letting other devices in your local network see your MAC address, and when you use your WiFi in a public WiFi hotspot, the MAC address is visible to the hotspot router, and any device also using the hotspot that may be sniffing WiFi traffic at the mentioned by piperspace, some network facilities (think schools, or other places where they only want members of the select group to have access) need to register their MAC address so that the routing equipment will know your device is part of the allowed group of users (this is an alternative to using passwords that may be given out to visiting friends, that the facility does not want). NOTE: There are some Device/OS/Software combinations that allow changing the MAC address that can fool such MAC address checks by pretending to be a registered in a few situations, there is sofware that uses the MAC address as a Software registration key, so that you give the MAC address to the software company and they generate a license key that will only work on the device with that MAC address. Of course if you have your motherboard replaced, or you need to exchange your iOS device for a replacement as part of a warranty repair, or you just decide to upgrade your equipment for newer better device, your MAC address will change and the licensed software locked to your MAC address will not run, requiring you to contact the company and get a new license key, if the company is still in said the MAC address is unique to the device, so in theory it might be used to identify you. But for the most part it does not mean a whole heck of a lot, as you have been broadcasting it everytime you access the network, especially when out in while I would wonder why someone wants your MAC address, if it is for a good reason, then it is most likely not all that big a deal. If it is for a software licence, the software may not be a good deal in the long run, but that is a purchase/tradeoff decision.
Jun 8, 2014 5:35 PM
Jun 8, 2014 7:14 PM in response to BobHarris
In response to BobHarris
BobHarris wrote:
NOTE: There are some Device/OS/Software combinations that allow changing the MAC address that can fool such MAC address checks by pretending to be a registered, spoofing MAC addresses is trivial, and everything necessary to change your MAC address is part of OS X itself. There is at least network protocol that actually depends on setting the MAC address to specific values, too — this capability is something that many network controllers expressly permit, going back to the earliest days of another way, MAC security really isn’t all that secure.
Jun 8, 2014 7:14 PM
Jun 8, 2014 7:43 PM in response to MrHoffman
In response to MrHoffman
MrHoffman wrote:
There is at least network protocol that actually depends on setting the MAC address to specific values, tooBesides DECnet, what other protocols (It is a serious question, as my low level network knownledge is mostly odd bits and pices of knowledge gleamed from running into it like a brick wall, or what I read on the internet). And if it is only DECnet, I’m not sure the Phemom95 with his iPhone 5c cares ).
Jun 8, 2014 7:43 PM
What is a MAC address, and what does it reveal about me? – Super User
From wikipedia’s MAC address:
A Media Access Control address (MAC
address) is a unique identifier
assigned to network interfaces for
communications on the physical network
segment. Logically, MAC addresses are
used in the Media Access Control
protocol sub-layer of the OSI
reference model.
MAC addresses are most often assigned
by the manufacturer of a network
interface card (NIC) and are stored in
its hardware, the card’s read-only
memory, or some other firmware
mechanism. If assigned by the
manufacturer, a MAC address usually
encodes the manufacturer’s registered
identification number. It may also be
known as an Ethernet hardware address
(EHA), hardware address, adapter
address, or physical address.
Although intended to be a permanent
and globally unique identification, it
is possible to change the MAC address
on most of today’s hardware, an action
often referred to as MAC spoofing.
Unlike IP address spoofing, where a
sender spoofing their address in a
request tricks the other party into
sending the response elsewhere, in MAC
address spoofing, the response is
received by the spoofing party.
However, MAC address spoofing is
limited to the local broadcast domain.
In the IPv4 world, the MAC address of your computers is not propagated or detectable beyond your local network. This means that under normal browser operation (without plugin intervention), the MAC address of any computer positioned behind the router is not sent beyond the router, and so cannot be used to track you over the Internet. However, the router uses it internally in order to identify the local computers.
In IPv6, the 64 bit “host” part of the full 128 bit address is often automatically generated from the MAC address, and hence often is visible to the server one connects to. This means that outsiders may trace the MAC address of your router and your Internet-connected computers. IPv6 gives a public, routable address to every last PC, server, printer or network device (unless the router does NAT processing, which is rare in IPv6).
If Private IPv6 addresses (defined in RFC 4941) is turned on, the
exposed identifier is generated as a random number rather than from the MAC. This is the default on many operating systems, but can be turned on and off. For further info see
How to avoid exposing my MAC address when using IPv6.
In any case, your ISP always knows who you are and can trace anything you do, unless the traffic is encrypted by using a VPN.
Frequently Asked Questions about what can someone do with your mac address
Is it safe to give out your MAC address?
The MAC address is a unique 12 character string assigned by the manufacturer. Unless your device has been granted access to some secure network based solely on its MAC address… giving it out should not be a problem. It is not common for network security to rely on MAC addresses.Jun 8, 2014
What does a MAC address reveal?
If assigned by the manufacturer, a MAC address usually encodes the manufacturer’s registered identification number. It may also be known as an Ethernet hardware address (EHA), hardware address, adapter address, or physical address.
What can MAC address spoofing be used for?
Motivation. Changing the assigned MAC address may allow the user to bypass access control lists on servers or routers, either hiding a computer on a network or allowing it to impersonate another network device. MAC spoofing is done for legitimate and illicit purposes alike.
