MAC Addressing

From HackOps
Revision as of 11:56, 7 June 2025 by Vegard (talk | contribs) (How MAC Addresses Work)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

MAC Addressing[edit | edit source]

Every device on a network has a built-in network interface, and that interface is assigned a unique identifier called a MAC address (Media Access Control address).

What is a MAC Address?[edit | edit source]

A MAC address is a 48-bit identifier burned into the device’s network interface card (NIC) by the manufacturer. It's written as 12 hexadecimal digits, grouped in pairs, separated by colons.

Example: 

a4:c3:f0:85:ac:2d

Breakdown[edit | edit source]

Section Meaning
a4:c3:f0 Manufacturer ID (also called OUI - Organizationally Unique Identifier)
85:ac:2d Unique device identifier

No two NICs are supposed to have the same MAC address — unless spoofed.

How MAC Addresses Work[edit | edit source]

MAC addresses operate at Layer 2 of the OSI Model (Data Link layer). They’re used for communication within the same local network (LAN).

While IP addresses can change, MAC addresses usually stay the same — unless manually altered.

Routers and switches use MAC addresses to direct traffic inside local networks. Once the data goes outside the local network (to the internet), IP addresses take over.

MAC Spoofing[edit | edit source]

Despite being "hardcoded," MAC addresses can be changed (spoofed) in software. This is known as MAC spoofing.

Why Spoof a MAC Address?[edit | edit source]

  • Bypass MAC-based filtering (e.g. in cafés, hotels)
  • Mimic trusted devices to gain access in misconfigured firewalls
  • Circumvent "one device per user" limits on public Wi-Fi
  • Preserve anonymity on monitored networks

Example Scenario[edit | edit source]

A firewall is configured to allow traffic only from the MAC address of the administrator. If an attacker spoofs that MAC address, the firewall might wrongly allow unauthorized access.

Real-World Example: Public Wi-Fi[edit | edit source]

Many guest networks use MAC-based access control:

  • A hotel Wi-Fi gives limited access per MAC address
  • Faster or paid access is bound to the MAC of one device
  • By spoofing your MAC, you can reset your usage or impersonate another device

Why MAC Addressing Matters in Hacking[edit | edit source]

Understanding MAC addressing helps with:

  • Device fingerprinting and identification
  • Performing man-in-the-middle (MITM) attacks
  • Evading basic network restrictions
  • Launching local network impersonation attacks

See Also[edit | edit source]

Retrieved from "https://hackops.wiki/index.php?title=MAC_Addressing&oldid=170"