MAC Addressing

From HackOps
Revision as of 11:55, 7 June 2025 by Vegard (talk | contribs) (Created page with "= MAC Addressing = Every device on a network has a built-in network interface, and that interface is assigned a unique identifier called a '''MAC address''' (Media Access Control address). == What is a MAC Address? == A MAC address is a 48-bit identifier burned into the device’s network interface card (NIC) by the manufacturer. It's written as 12 hexadecimal digits, grouped in pairs, separated by colons. '''Example:''' <pre> a4:c3:f0:85:ac:2d </pre> === Breakdown...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

MAC Addressing

Every device on a network has a built-in network interface, and that interface is assigned a unique identifier called a MAC address (Media Access Control address).

What is a MAC Address?

A MAC address is a 48-bit identifier burned into the device’s network interface card (NIC) by the manufacturer. It's written as 12 hexadecimal digits, grouped in pairs, separated by colons.

Example: 

a4:c3:f0:85:ac:2d

Breakdown

Section Meaning
a4:c3:f0 Manufacturer ID (also called OUI - Organizationally Unique Identifier)
85:ac:2d Unique device identifier

No two NICs are supposed to have the same MAC address — unless spoofed.

How MAC Addresses Work

MAC addresses operate at Layer 2 of the OSI model (Data Link layer). They’re used for communication within the same local network (LAN).

While IP addresses can change, MAC addresses usually stay the same — unless manually altered.

Routers and switches use MAC addresses to direct traffic inside local networks. Once the data goes outside the local network (to the internet), IP addresses take over.

MAC Spoofing

Despite being "hardcoded," MAC addresses can be changed (spoofed) in software. This is known as MAC spoofing.

Why Spoof a MAC Address?

  • Bypass MAC-based filtering (e.g. in cafés, hotels)
  • Mimic trusted devices to gain access in misconfigured firewalls
  • Circumvent "one device per user" limits on public Wi-Fi
  • Preserve anonymity on monitored networks

Example Scenario

A firewall is configured to allow traffic only from the MAC address of the administrator. If an attacker spoofs that MAC address, the firewall might wrongly allow unauthorized access.

Real-World Example: Public Wi-Fi

Many guest networks use MAC-based access control:

  • A hotel Wi-Fi gives limited access per MAC address
  • Faster or paid access is bound to the MAC of one device
  • By spoofing your MAC, you can reset your usage or impersonate another device

Why MAC Addressing Matters in Hacking

Understanding MAC addressing helps with:

  • Device fingerprinting and identification
  • Performing man-in-the-middle (MITM) attacks
  • Evading basic network restrictions
  • Launching local network impersonation attacks

See Also

Retrieved from "https://hackops.wiki/index.php?title=MAC_Addressing&oldid=169"