Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How far beyond a router/gateway can a MAC address be traced, and how?

Posted on 2007-12-05
8
Medium Priority
?
1,209 Views
Last Modified: 2008-02-18
This is a question about the traceability of MAC adresses beyond their immediate router/gateway.

I've been wondering how far beyond a router a LAN computer's MAC address is broadcast and/or traceable? Let's say there's a cafe with free internet access, and for an hour a user will occupy 192.168.0.XXX, broadcasting his MAC address to the router. Is this traceable by the upstream ISP, or anyone else, and if so, how?  

As a sidenote, most routers I don't think keep good logs by default - so  once the user is gone from the cafe/IP address, where are there any traces of him having been there?

 Any information WITH solid documentation (on the Internet) is most welcome.

Thanks,

Peter
0
Comment
Question by:pax
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 50

Accepted Solution

by:
Don Johnston earned 400 total points
ID: 20414964
No. MAC addresses (source and destination) are stripped off at each router. Nobody past the first router your traffic hits can determine your MAC address.

While the routers may not keep detailed information, it is possible to monitor the activity of users.
0
 

Author Comment

by:pax
ID: 20475614
don,

Thanks - but can you also point me to something in writing that states/explains that in at least as much detail as you mention?

Regarding monitoring, can you say what you mean by that, or how you mean that?
0
 
LVL 50

Assisted Solution

by:Don Johnston
Don Johnston earned 400 total points
ID: 20475930
>but can you also point me to something in writing that states/explains that in at least as much detail as you mention?

The OSI model.

>Regarding monitoring, can you say what you mean by that, or how you mean that?

By using a protocol analyzer, it is possible to observe the traffic that crosses a network. If it is a switched network, the switch will have to be configured to forward the traffic to the port with the analyzer.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 

Author Comment

by:pax
ID: 20543741
Don,

I sure would appreciate if you could point me to more than just 'the osi model' - I've looked it up, but it does not answer my question. I understand this is a non-brainer to you, but I would just like to have some published information that talks about the stripping of the MAC address at the first point of routing.

Regarding monitoring, could you be specific with terms and names about, let's say, a wifi network in a coffee shop that gets its pipe from the local telco via dsl? What has to be installed, where, confiugred how, roughly, to monitor how much of the lan traffic? What's an example of such software?

Thanks!
0
 

Author Comment

by:pax
ID: 20638451
Anybody: another expert, or a bit more detailed response from Don, would be very helpful in order to wrap up this question. I  am increasing the points a bit.

Thanbks,

Peter
0
 
LVL 50

Assisted Solution

by:Don Johnston
Don Johnston earned 400 total points
ID: 20638846
Might as well go directly to the source. :-)

http://www.faqs.org/rfcs/rfc791.html

Regarding monitoring, a wireless protocol analyzer such as linkferret will allow you to see traffic transmitted over a WIFi network.
0
 

Author Comment

by:pax
ID: 20654990
Don,

I appreciate your pointers, however they are not very helpful to me. Your pointer to rfc791 leads to a 33 page document that mentions neither the words MAC or router - I am sure I would learn something by reading through it all, as would have been true with your before reference to the long explanation of the OSI model, however if I have to do all the research, then I would not need to post here at EE. As such, your pointer to rfc 791 does not answer my questions about MAC addresses.

Regarding wireless network monitoring, it appears that linkferret is no longer available as software, and that the last versions available require a  Cisco/Aironet or WaveLAN/Orinoco card in order to use it successfully. I have neither, as don't most people I imagine.

I understand that the latter question was not part of my original post, and therefore will gladly award the points once my original questions is successfully and satisfingly answered.

I would of course greatly appreciate if you or someone else could point me to a implementable solution on how I could monitor traffic on a wireless network I am on, so that I could understand how that works practically. I will be happy to open that as a new question.

Peter
0

Featured Post

Learn how to optimize MySQL for your business need

With the increasing importance of apps & networks in both business & personal interconnections, perfor. has become one of the key metrics of successful communication. This ebook is a hands-on business-case-driven guide to understanding MySQL query parameter tuning & database perf

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question