How far beyond a router/gateway can a MAC address be traced, and how?

This is a question about the traceability of MAC adresses beyond their immediate router/gateway.

I've been wondering how far beyond a router a LAN computer's MAC address is broadcast and/or traceable? Let's say there's a cafe with free internet access, and for an hour a user will occupy 192.168.0.XXX, broadcasting his MAC address to the router. Is this traceable by the upstream ISP, or anyone else, and if so, how?  

As a sidenote, most routers I don't think keep good logs by default - so  once the user is gone from the cafe/IP address, where are there any traces of him having been there?

 Any information WITH solid documentation (on the Internet) is most welcome.

Thanks,

Peter
paxAsked:
Who is Participating?
 
Don JohnstonInstructorCommented:
No. MAC addresses (source and destination) are stripped off at each router. Nobody past the first router your traffic hits can determine your MAC address.

While the routers may not keep detailed information, it is possible to monitor the activity of users.
0
 
paxAuthor Commented:
don,

Thanks - but can you also point me to something in writing that states/explains that in at least as much detail as you mention?

Regarding monitoring, can you say what you mean by that, or how you mean that?
0
 
Don JohnstonInstructorCommented:
>but can you also point me to something in writing that states/explains that in at least as much detail as you mention?

The OSI model.

>Regarding monitoring, can you say what you mean by that, or how you mean that?

By using a protocol analyzer, it is possible to observe the traffic that crosses a network. If it is a switched network, the switch will have to be configured to forward the traffic to the port with the analyzer.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
paxAuthor Commented:
Don,

I sure would appreciate if you could point me to more than just 'the osi model' - I've looked it up, but it does not answer my question. I understand this is a non-brainer to you, but I would just like to have some published information that talks about the stripping of the MAC address at the first point of routing.

Regarding monitoring, could you be specific with terms and names about, let's say, a wifi network in a coffee shop that gets its pipe from the local telco via dsl? What has to be installed, where, confiugred how, roughly, to monitor how much of the lan traffic? What's an example of such software?

Thanks!
0
 
paxAuthor Commented:
Anybody: another expert, or a bit more detailed response from Don, would be very helpful in order to wrap up this question. I  am increasing the points a bit.

Thanbks,

Peter
0
 
Don JohnstonInstructorCommented:
Might as well go directly to the source. :-)

http://www.faqs.org/rfcs/rfc791.html

Regarding monitoring, a wireless protocol analyzer such as linkferret will allow you to see traffic transmitted over a WIFi network.
0
 
paxAuthor Commented:
Don,

I appreciate your pointers, however they are not very helpful to me. Your pointer to rfc791 leads to a 33 page document that mentions neither the words MAC or router - I am sure I would learn something by reading through it all, as would have been true with your before reference to the long explanation of the OSI model, however if I have to do all the research, then I would not need to post here at EE. As such, your pointer to rfc 791 does not answer my questions about MAC addresses.

Regarding wireless network monitoring, it appears that linkferret is no longer available as software, and that the last versions available require a  Cisco/Aironet or WaveLAN/Orinoco card in order to use it successfully. I have neither, as don't most people I imagine.

I understand that the latter question was not part of my original post, and therefore will gladly award the points once my original questions is successfully and satisfingly answered.

I would of course greatly appreciate if you or someone else could point me to a implementable solution on how I could monitor traffic on a wireless network I am on, so that I could understand how that works practically. I will be happy to open that as a new question.

Peter
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.