MAC Address – What Is This All About?

I had a question from someone on what exactly is the “MAC Address” and can it be used to hack my system. 

For some of us, this may seem a simple, but I started to think of what the Trolls are saying about the MAC address. 

First off, the Media Access Card (MAC) address is a unique value associated with a network adapter on your computer or other network device.  The MAC address is physically associated with these devices.  The network adapter can be either wired or wireless.  For the wired network adapters, this is where you plug the CAT5 cable from your router or modem into your computer.  The wireless network adapters can also be a card that plugs into your motherboard, but often are a small USB device that plugs into your computer. 

The network adapter allows your computer (and other network enabled devices in your home – Firewall/Router, Smart Phones, Blu-Ray player, HDTV, Xbox, eBook reader, etc.) to communicate with other devices and networks.  For most of us, the technical details are not important, as long as you can get out to the Web.

The MAC address is 12 digits (hexadecimal, 48 bits) in the following format:

00:A0:C9:14:C8:23

The first 6 digits (00:A0:C9) identifies the manufacturer – this one is Intel Corp.

The last six digits (14:C8:23) are the serial number of the network adapter.

So how does this relate to the Trolls?

One of the things the subpoena allows the Trolls to get from the Internet Service Provider (ISP), such as Comcast, is the MAC address of the first network device which connects to their network.  As most of us use a wireless firewall/router, this is usually the device.  The ISP does what is known as “MAC Filtering.”  If they didn’t do that, then anyone could connect a modem to the network and get free service. 

The ISP takes the MAC address from the device and enters it into a list they allow to connect to their network, AKA “Whitelist.”  Note: the opposite of this is a “Blacklist,” which blocks specific MACs.

So if you only have one computer that connects directly into the modem (and no firewall/router), the MAC address is from that systems network adapter.

If you run a firewall/router at your location, the MAC address is from that device, as it is the first device to connect to the modem. 

So what is “MAC Spoofing?”

MAC Spoofing is when you change the MAC address of the network adapter.  If you have a firewall/router, this is easily accomplished.  Why would I want to do this?  Well, here is an example:

I just purchased a new firewall/router and want to install it on the network.  My network set-up is ISP-modem-firewall/router-computers.  I know that my ISP MAC filters, so prior to changing the firewall/router I write down the MAC address of my old firewall/router.  I connect up the new firewall/router and go into the internal settings of it.  I select “MAC Spoofing” and enter in the MAC address of the old firewall/router.  The ISP only sees the authorized MAC address (even though the hardware has changed) and I’m up and running again.

Knowledge of a MAC address does not give someone the ability to hack a network or system.  Knowing the MAC address of system could allow someone to spoof it and gain access to a network (if the network MAC filters).       

So what does it mean if the Troll has the MAC address provided by the ISP?  It shows them what MAC address is associated with your IP address and authorized to connect to their network?  If it ever went to court (doubtful), they need to show the link from their investigative results (Peer-to-peer monitoring) to the ISP, and then down to your network. 

Does it mean you are guilty?  NO.  The MAC address is just like the IP address the Trolls love to point to – MAC address and/or IP address does not equal culpability.  If your try to tell the Troll that “I didn’t do that,” he will point to the fact that the ISP’s records show the IP address assigned to you and the MAC address.  They will say since they match up, you did it or are at least are responsible for the infringement. 

No proof, just words associated with the threat of being named in a federal court case and having to spend thousands of dollars to defend yourself.  As I have previously stated, the very limited investigative activity the Trolls do, does not make an “Open & Shut” case for them.  They know this and that is why they try so hard to contact you and get more information out of you.  Anything you say to the Troll will be used against you if they can.  That is why you will hear over and over again not to talk to the Trolls.  By talking to them you provide additional details they don’t have, as well as ways to work on countering your claims.

DieTrollDie  🙂

About DieTrollDie

I'm one of the many 'John Does' (200,000+ & growing in the US) who Copyright Trolls have threatened with a civil law suit unless they are paid off. What is a Copyright Troll? Check out the Electronic Frontier Foundation link - http://www.eff.org/issues/copyright-trolls
This entry was posted in bitTorrent, copyright, infringement, open wifi, p2p, piracy and tagged , , , , , , , . Bookmark the permalink.

One Response to MAC Address – What Is This All About?

  1. John Doe says:

    Insider information: Comcast does not log MAC addresses for anything other than your cable modem’s which is ultimately the one you have provisioned with them. They do not give a rats for what you connect behind it even though whatever device you connect to the modem is the one ultimately exposed to their DHCP servers, being the one to receive the Comcrack public IP. You change this device’s MAC address, then you receive a new IP. You try to change your modem’s MAC address, you get no service, simple as that.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s