MAC address

viostout · 02-01-2010, 10:09 AM

Hello, I just registered. What people find out about my location/my PC has always bothered me, I was surprised for the 1st time when a website showed my PC model to me. Not like I do anything ileagal in the web

,just curious what info people can actually retrieve about me.
So Shall I start with the questions?:
1. So websites can find out my ip as well as my proxy ip and my city?
2. Websites can find out my PC model as well as my PC's resolution? (btw, any way to hide this?)
3. Websites can find out other websites I visit before them?
4. Is a MAC address available for ANY device? So people can find out that too? Why is there an IP address then?
Thats all I could remember fro now. Thank you for reading

clanmills · 02-01-2010, 11:35 AM

When you connect on the internet, you always reveal your IP address - that's how the system works. You can obtain the physical address of the 'owner' of the IP address and this is usually the address of your ISP.

When you connect your browser to any web site, you always send 'headers' which provide additional information. In particular it provides your 'UserAgent' which is typically your browser type and version.

When the page is loaded by the browser, the page may contain JavaScript which can obtain more information about your computer, such as the screen resolution, the local time and time-zone. Most browsers offer a 'disable JavaScript' option.

In general, you don't reveal your browsing history. However, JavaScript can access your history and send that information back to the server. If you're concerned, then always restart your browser before you move to another site because JavaScript cannot read into 'dead' sessions.

If you want to remain anonymous, you can use a 'proxy'. The 'proxy' is between you and the server in which you are interested and will hide most of your informatation. The server will see the 'proxy' as the client - not you.

If you are worried about the amount of information being revealed, you have several options:
1) Don't use the internet.
2) Only use the internet from the public library.
3) If you use windows, make sure you have good anti-virus software on your machine. And purchase a maintenance contract to keep it up to date.
4) To remain anonymous, use a proxy server.

To answer you last question about MAC addresses. Every network device (your network card) has a unique MAC and is known to the server. However the internet works using IP addresses. I suppose it might be possible to reconstruct the internet to operate on the MAC address. I suspect that the initial internet design (30 to 40 years ago) only had IP addresses, and MAC addresses appeared later on in the development of the internet.

Robin

AboveTheLogic · 02-02-2010, 12:15 AM

Reconstructing the internet to operate only on MAC addresses would be a hugely unefficient method!

IP addresses can be grouped and leased. MAC addresses are set to a particular NIC. To have the whole thing operate on MAC addresses would involve some sort of service activating and deactivating your connection based on MAC, and all the routing machines in the world would need to get that registration info to know where to route requests. This is opposed to the current method of an ISP owning a particular block of IPs, and the other machines on the internet knowing to send requests to that ISP to handle.

I think its possible to figure out the maker of a NIC by MAC. I suspect if a site identified your PC type, then you have a stock PC with probably an onboard NIC.

I've seen some sites that will display your local IP to you as well as your external IP (as whatismyip.com does), but thats only a display to you- the server can't see your local IP behind your firewall unless a browser or some other software on your machine is sending that data to it.

clanmills · 02-02-2010, 01:28 AM

Hi 'Above'

You are totally right. I agree that operating the internet using MAC addresses is not practical. The routing/subnet concepts inherent in the IP address give the network huge flexibility and resilience.

The internet had some very interesting design ideas which reflect its cold war origins. There is no 'big brother' controlling the internet. The messages are able to find their own way through the net - a very desirable property for a network under nuclear attack.

The way in which the internet has been able to grow in size, reach, traffic volume and number of users during the last 15-20 years is an amazing credit to the engineers involved in the design.

So, you're right, it would be hopeless to use the Mac address for routing because it tells you nothing about the location of a device. I wonder why NICs have a globally unique MAC address? Maybe this was added for device identification for use by DHCP servers or simple security.

Robin

0siris · 02-02-2010, 11:40 AM

Quote:

Originally Posted by AboveTheLogic

Reconstructing the internet to operate only on MAC addresses would be a hugely unefficient method!

I haven't looked in a while, but I thought the IPv6 address included at least a portion of the MAC address?
Yes, according to Sun's IPv6 overview.

Quote:

The rightmost four fields (64 bits) contain the interface ID, also referred to as a token. The interface ID is either automatically configured from the interface's MAC address or manually configured in EUI-64 format.

Obviously, that quote says it's not *required*, but it's an option.

clanmills · 02-02-2010, 02:37 PM

You can't disable sending headers with your browser. The HTTP protocol requires a minimum set. However most browsers send more than the minimum. The UserAgent is the most revealing as it tells the server which browser you are. This can be used by the server to decide its response (so a cell phone can receive a different response from a desktop browser). For that matter, the server could return a '404' (not found) for a particular browser or spider.

http://www.whatsmybrowser.com/

I don't know any browser that provides an option to disable UserAgent, however the Safari 'Develop' menu provides an option for you to change it! This is so you can pretend to be different versions of Internet Explorer, or Opera or even user defined. Another header that is almost always found is 'referer'. This is your previous web site. So if you click the link to clanmills.com below, my log will record that you clicked that link from this page. I never look at my logs, so don't worry about this.

I was amazed not to be able to Google up a general purpose header echo, so I wrote one for you:

http://clanmills.com/cgi-bin/echo.pl

I recommend an anti-virus program for all Windows machines. Always. No exceptions. If there is malicious stuff coming over the wire, your anti-virus software could save you from attack.

Ctrl-Shift-Del to clear browser history. Thanks: that's a useful tip.

I can't find a web site which reports your MAC address. I believe that information is on the socket (it's certainly not in the HTTP request headers). Maybe another reader can Google into this and let us know. I could modify echo.pl to get this - however I don't have time today to look into this.

Lastly - thanks for the observation that the MAC address is an optional part of an IPv6 address. Interesting (in my nerdy kind of way)!

Robin

AboveTheLogic · 02-03-2010, 01:34 AM

Quote:

Originally Posted by clanmills

The internet had some very interesting design ideas which reflect its cold war origins. There is no 'big brother' controlling the internet. The messages are able to find their own way through the net - a very desirable property for a network under nuclear attack.

I'm interested in these early design ideas, I might have to look into that!

Quote:

Originally Posted by 0siris

I haven't looked in a while, but I thought the IPv6 address included at least a portion of the MAC address?
Yes, according to Sun's IPv6 overview.

I haven't read much into IPv6 yet, although I should... but sure, there is no harm in including part of the MAC or even the whole MAC in IPv6, but there needs to be the ability to have other parts of the identifying number that allow for universal traffic routing, flexibility, and the ability to reassign IP leases through DHCP.

clanmills · 02-03-2010, 02:25 AM

Hi 'Above'

As I understand it, the packets travelling on the network know their origin and destination - but not the route. So they move along the network searching for a way forward. If they reach a dead-end, they pop back along the route and try other routes to reach their destination.

The reason for this was because the guys in the Pentagon wanted to launch missiles while under attack. After sending a message, part of the network could disappear, and more over there's no way of know it has disappeared.

So the consequences are:
1) When a UDP packet is dispatched, you don't know if it made it! (although I believe IP provides delivery information by sending a reverse 'ack' message).
2) Consecutive packets may take different routes and therefore can arrive out of sequence.
3) The TCP part of the protocol is able to reassemble the packets into a complete message (the packets contain sequence information from which to correctly reassemble the message).

The command tracert.exe (traceroute on UNIX) is rather interesting. Packets contain a 'max hop' which is decremented every time the packet is forwarded. So traceroute tries to find the route by setting 'max hop=1', and 'tell me how far you went when you gave up'. Then max hop = 2 ... and so on until success.

I've run traceroute below to show you how it finds its way from my Mac, to my belkin router, through the ISP and onto the freeway in San Jose. He leaves in Chicago (ord), and a couple of hops later he's at cl11.justhost.com server (which hosts clanmills.com).

Amazing and ingenious, don't you think?

516 /Users/rmills $ traceroute clanmills.com
traceroute to clanmills.com (69.175.29.42), 64 hops max, 52 byte packets
1 belkin (192.168.2.1) 1.198 ms 0.845 ms 0.837 ms
2 h-64-105-136-1.snvacaid.dynamic.covad.net (64.105.136.1) 38.582 ms 37.725 ms 38.286 ms
3 192.168.21.5 (192.168.21.5) 38.018 ms 38.948 ms 37.930 ms
4 ge-6-21.car1.sanjose1.level3.net (63.209.0.173) 37.994 ms 37.230 ms 37.359 ms
5 ae-3-89.edge1.sanjose3.level3.net (4.68.18.144) 38.032 ms 38.247 ms 38.378 ms
6 64.125.13.241 (64.125.13.241) 37.737 ms 38.006 ms 38.501 ms
7 xe-4-1-0.er1.sjc2.us.above.net (64.125.27.90) 38.421 ms 38.965 ms 39.357 ms
8 ge-3-1-0.mpr1.sjc2.us.above.net (64.125.28.18) 40.378 ms 38.758 ms 39.590 ms
9 so-0-3-0.mpr1.ord2.us.above.net (64.125.26.138) 91.750 ms 94.295 ms 90.857 ms
10 xe-1-3-0.cr1.ord2.us.above.net (64.125.29.5) 91.734 ms 91.804 ms 90.762 ms
11 xe-1-1-0.er1.ord2.us.above.net (64.125.26.186) 91.752 ms 90.766 ms 91.352 ms
12 xe-0-1-0.mpr1.ord6.us.above.net (64.125.31.197) 90.926 ms 91.208 ms 90.639 ms
13 64.124.146.110.allocated.above.net (64.124.146.110) 91.720 ms 91.955 ms 91.283 ms
14 asw-fu139.ord03.singlehop.net (69.175.1.150) 91.723 ms 91.331 ms 93.093 ms
15 cl11.justhost.com (69.175.29.42) 91.136 ms 91.990 ms 91.663 ms
517 /Users/rmills $

It's mind-boggling to think that millions of messages are making different journeys all over the globe at the same time and folks are sitting in coffee-shops in Australia or England, saying "clanmills.com's a bit slow today". It's a miracle of engineering.

Robin

viostout · 02-02-2010, 06:04 AM

Thank you

Quote:

Originally Posted by clanmills

When you connect on the internet, you always reveal your IP address - that's how the system works. You can obtain the physical address of the 'owner' of the IP address and this is usually the address of your ISP.

Yeah, I know.

Quote:

When you connect your browser to any web site, you always send 'headers' which provide additional information. In particular it provides your 'UserAgent' which is typically your browser type and version.

Can I disable sending headers?

Quote:

In general, you don't reveal your browsing history. However, JavaScript can access your history and send that information back to the server. If you're concerned, then always restart your browser before you move to another site because JavaScript cannot read into 'dead' sessions.

I just don't understand why on earth one website would want to find out what other websites I have visited. Ctr+Shift+Del clears history in firefox, is that enough?

Quote:

If you want to remain anonymous, you can use a 'proxy'. The 'proxy' is between you and the server in which you are interested and will hide most of your informatation. The server will see the 'proxy' as the client - not you.

Isn't there a X-Redirected-From in this case?
Does a proxy hide only my IP and MAC, or browser and PC model?

Quote:

1) Don't use the internet.

Quote:

3) If you use windows, make sure you have good anti-virus software on your machine. And purchase a maintenance contract to keep it up to date.

I have. What does that change?

Quote:

To answer you last question about MAC addresses. Every network device (your network card) has a unique MAC and is known to the server.

So my PC, Wii and smartphone have that?
Is that also viewable by websites?

02-01-2010, 10:09 AM	#1
viostout Member Join Date: Feb 2010 Posts: 4	MAC address Hello, I just registered. What people find out about my location/my PC has always bothered me, I was surprised for the 1st time when a website showed my PC model to me. Not like I do anything ileagal in the web ,just curious what info people can actually retrieve about me. So Shall I start with the questions?: 1. So websites can find out my ip as well as my proxy ip and my city? 2. Websites can find out my PC model as well as my PC's resolution? (btw, any way to hide this?) 3. Websites can find out other websites I visit before them? 4. Is a MAC address available for ANY device? So people can find out that too? Why is there an IP address then? Thats all I could remember fro now. Thank you for reading

02-01-2010, 11:35 AM	#2
clanmills Super Moderator Join Date: Jul 2008 Location: San Jose, CA Posts: 219	When you connect on the internet, you always reveal your IP address - that's how the system works. You can obtain the physical address of the 'owner' of the IP address and this is usually the address of your ISP. When you connect your browser to any web site, you always send 'headers' which provide additional information. In particular it provides your 'UserAgent' which is typically your browser type and version. When the page is loaded by the browser, the page may contain JavaScript which can obtain more information about your computer, such as the screen resolution, the local time and time-zone. Most browsers offer a 'disable JavaScript' option. In general, you don't reveal your browsing history. However, JavaScript can access your history and send that information back to the server. If you're concerned, then always restart your browser before you move to another site because JavaScript cannot read into 'dead' sessions. If you want to remain anonymous, you can use a 'proxy'. The 'proxy' is between you and the server in which you are interested and will hide most of your informatation. The server will see the 'proxy' as the client - not you. If you are worried about the amount of information being revealed, you have several options: 1) Don't use the internet. 2) Only use the internet from the public library. 3) If you use windows, make sure you have good anti-virus software on your machine. And purchase a maintenance contract to keep it up to date. 4) To remain anonymous, use a proxy server. To answer you last question about MAC addresses. Every network device (your network card) has a unique MAC and is known to the server. However the internet works using IP addresses. I suppose it might be possible to reconstruct the internet to operate on the MAC address. I suspect that the initial internet design (30 to 40 years ago) only had IP addresses, and MAC addresses appeared later on in the development of the internet. Robin Last edited by clanmills; 02-01-2010 at 12:05 PM.

02-02-2010, 12:15 AM	#3
AboveTheLogic Super Moderator Join Date: Jul 2008 Location: Los Angeles Posts: 494	Reconstructing the internet to operate only on MAC addresses would be a hugely unefficient method! IP addresses can be grouped and leased. MAC addresses are set to a particular NIC. To have the whole thing operate on MAC addresses would involve some sort of service activating and deactivating your connection based on MAC, and all the routing machines in the world would need to get that registration info to know where to route requests. This is opposed to the current method of an ISP owning a particular block of IPs, and the other machines on the internet knowing to send requests to that ISP to handle. I think its possible to figure out the maker of a NIC by MAC. I suspect if a site identified your PC type, then you have a stock PC with probably an onboard NIC. I've seen some sites that will display your local IP to you as well as your external IP (as whatismyip.com does), but thats only a display to you- the server can't see your local IP behind your firewall unless a browser or some other software on your machine is sending that data to it. __________________ Internet IP vs. Local IP Port Forwarding

02-02-2010, 02:37 PM	#6
clanmills Super Moderator Join Date: Jul 2008 Location: San Jose, CA Posts: 219	You can't disable sending headers with your browser. The HTTP protocol requires a minimum set. However most browsers send more than the minimum. The UserAgent is the most revealing as it tells the server which browser you are. This can be used by the server to decide its response (so a cell phone can receive a different response from a desktop browser). For that matter, the server could return a '404' (not found) for a particular browser or spider. http://www.whatsmybrowser.com/ I don't know any browser that provides an option to disable UserAgent, however the Safari 'Develop' menu provides an option for you to change it! This is so you can pretend to be different versions of Internet Explorer, or Opera or even user defined. Another header that is almost always found is 'referer'. This is your previous web site. So if you click the link to clanmills.com below, my log will record that you clicked that link from this page. I never look at my logs, so don't worry about this. I was amazed not to be able to Google up a general purpose header echo, so I wrote one for you: http://clanmills.com/cgi-bin/echo.pl I recommend an anti-virus program for all Windows machines. Always. No exceptions. If there is malicious stuff coming over the wire, your anti-virus software could save you from attack. Ctrl-Shift-Del to clear browser history. Thanks: that's a useful tip. I can't find a web site which reports your MAC address. I believe that information is on the socket (it's certainly not in the HTTP request headers). Maybe another reader can Google into this and let us know. I could modify echo.pl to get this - however I don't have time today to look into this. Lastly - thanks for the observation that the MAC address is an optional part of an IPv6 address. Interesting (in my nerdy kind of way)! Robin Last edited by clanmills; 02-02-2010 at 10:17 PM.

02-03-2010, 02:25 AM	#8
clanmills Super Moderator Join Date: Jul 2008 Location: San Jose, CA Posts: 219	Hi 'Above' As I understand it, the packets travelling on the network know their origin and destination - but not the route. So they move along the network searching for a way forward. If they reach a dead-end, they pop back along the route and try other routes to reach their destination. The reason for this was because the guys in the Pentagon wanted to launch missiles while under attack. After sending a message, part of the network could disappear, and more over there's no way of know it has disappeared. So the consequences are: 1) When a UDP packet is dispatched, you don't know if it made it! (although I believe IP provides delivery information by sending a reverse 'ack' message). 2) Consecutive packets may take different routes and therefore can arrive out of sequence. 3) The TCP part of the protocol is able to reassemble the packets into a complete message (the packets contain sequence information from which to correctly reassemble the message). The command tracert.exe (traceroute on UNIX) is rather interesting. Packets contain a 'max hop' which is decremented every time the packet is forwarded. So traceroute tries to find the route by setting 'max hop=1', and 'tell me how far you went when you gave up'. Then max hop = 2 ... and so on until success. I've run traceroute below to show you how it finds its way from my Mac, to my belkin router, through the ISP and onto the freeway in San Jose. He leaves in Chicago (ord), and a couple of hops later he's at cl11.justhost.com server (which hosts clanmills.com). Amazing and ingenious, don't you think? 516 /Users/rmills $ traceroute clanmills.com traceroute to clanmills.com (69.175.29.42), 64 hops max, 52 byte packets 1 belkin (192.168.2.1) 1.198 ms 0.845 ms 0.837 ms 2 h-64-105-136-1.snvacaid.dynamic.covad.net (64.105.136.1) 38.582 ms 37.725 ms 38.286 ms 3 192.168.21.5 (192.168.21.5) 38.018 ms 38.948 ms 37.930 ms 4 ge-6-21.car1.sanjose1.level3.net (63.209.0.173) 37.994 ms 37.230 ms 37.359 ms 5 ae-3-89.edge1.sanjose3.level3.net (4.68.18.144) 38.032 ms 38.247 ms 38.378 ms 6 64.125.13.241 (64.125.13.241) 37.737 ms 38.006 ms 38.501 ms 7 xe-4-1-0.er1.sjc2.us.above.net (64.125.27.90) 38.421 ms 38.965 ms 39.357 ms 8 ge-3-1-0.mpr1.sjc2.us.above.net (64.125.28.18) 40.378 ms 38.758 ms 39.590 ms 9 so-0-3-0.mpr1.ord2.us.above.net (64.125.26.138) 91.750 ms 94.295 ms 90.857 ms 10 xe-1-3-0.cr1.ord2.us.above.net (64.125.29.5) 91.734 ms 91.804 ms 90.762 ms 11 xe-1-1-0.er1.ord2.us.above.net (64.125.26.186) 91.752 ms 90.766 ms 91.352 ms 12 xe-0-1-0.mpr1.ord6.us.above.net (64.125.31.197) 90.926 ms 91.208 ms 90.639 ms 13 64.124.146.110.allocated.above.net (64.124.146.110) 91.720 ms 91.955 ms 91.283 ms 14 asw-fu139.ord03.singlehop.net (69.175.1.150) 91.723 ms 91.331 ms 93.093 ms 15 cl11.justhost.com (69.175.29.42) 91.136 ms 91.990 ms 91.663 ms 517 /Users/rmills $ It's mind-boggling to think that millions of messages are making different journeys all over the globe at the same time and folks are sitting in coffee-shops in Australia or England, saying "clanmills.com's a bit slow today". It's a miracle of engineering. Robin Last edited by clanmills; 02-03-2010 at 02:40 PM.

02-02-2010, 01:28 AM	#4
clanmills Super Moderator Join Date: Jul 2008 Location: San Jose, CA Posts: 219	Hi 'Above' You are totally right. I agree that operating the internet using MAC addresses is not practical. The routing/subnet concepts inherent in the IP address give the network huge flexibility and resilience. The internet had some very interesting design ideas which reflect its cold war origins. There is no 'big brother' controlling the internet. The messages are able to find their own way through the net - a very desirable property for a network under nuclear attack. The way in which the internet has been able to grow in size, reach, traffic volume and number of users during the last 15-20 years is an amazing credit to the engineers involved in the design. So, you're right, it would be hopeless to use the Mac address for routing because it tells you nothing about the location of a device. I wonder why NICs have a globally unique MAC address? Maybe this was added for device identification for use by DHCP servers or simple security. Robin

Thread Tools
Show Printable Version Email this Page
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode