Can Known Hardware ID Make You Discoverable?

In order to get onto a university's wireless system, I would have to give the sysops the identity of my computer, which looks something like

00:bc:44:e3:ad:21

1. Does this mean the government fascists can find me anywhere in the world if they know this hardware address?

2. Can they read my terminal?

3. What software do they use to know it is my computer?

4. Is there any way I can change my hardware address?

Anonymous via the Cypherpunks Tonga Remailer <(E-Mail Removed)>
wrote:

> 1. Does this mean the government fascists can find me anywhere in the
> world if they know this hardware address?

If they have access to every wireless access point in the world, yes.

> 2. Can they read my terminal?

What terminal?

> 3. What software do they use to know it is my computer?

The OS running on the access point?

> 4. Is there any way I can change my hardware address?

Depends on your wireless card.


Juergen Nieveler
--
If two wrongs don't make a right, try three

In article <(E-Mail Removed)>,
(E-Mail Removed) says...
> In order to get onto a university's wireless system, I would have to give the sysops the identity of my computer, which looks something like
>
> 00:bc:44:e3:ad:21
>
> 1. Does this mean the government fascists can find me anywhere in the world if they know this hardware address?

It's not the government you have to worry about, it's people that want
into your machine from any walk of life. Anyone that knows your MAC or
your workstation name, can see you on their network. The MAC does not
extend beyond your local network, so you don't have to worry about
someone outside of it seeing it.

> 2. Can they read my terminal?

Possibly - it depends on how your OS/System is setup.

> 3. What software do they use to know it is my computer?

Network sniffers, tracing apps, etc.... If your computer registers it's
connection with the DHCP or DNS server then it's very easy to see it's
you. Then there is the fact that you are broadcasting information about
your identity all over the airwaves....

> 4. Is there any way I can change my hardware address?

I depends on the card you use and if it permits it - some do, some
don't. It won't matter unless you are wearing a foil hat or at least one
made of copper.


--

(E-Mail Removed)
remove 999 in order to email me

On Fri, 12 Aug 2005 19:19:11 +0200 (CEST), Anonymous via the
Cypherpunks Tonga Remailer <(E-Mail Removed)> wrote:

>In order to get onto a university's wireless system,
>I would have to give the sysops the identity of my computer,
>which looks something like
>
>00:bc:44:e3:ad:21

That's your MAC address. Start here:
http://standards.ieee.org/regauth/oui/index.shtml
Nothing listed for your MAC address. Hmmm...

>1. Does this mean the government fascists can find me anywhere in the world if they know this hardware address?

No. The client MAC address is not transmitted in the TCP/IP packet
header. Only the ethernet packet header contains the source MAC
address and that ends at the switch or router.

However, the university switch or router has a table of connected MAC
addresses and associated IP addresses (ARP table) that can be used to
point to your machine. It will certainly point to the access point to
which you're connected. The rest of the world will not be able to
find you because they do not have access to the university switch
information, but the university can certainly get close.

Also, most universities use some form of proxy server and
authentication login for users to connect to their system. This will
identify the "portal" to which you're connecting and furthur help
locate you computer.

I've also done some work with direction finding of 802.11 and suspect
that you can be easily located if you don't take any countermeasures.

Be advised the wonderful people at Microsoft imbed tracking
information in the header of any MS Word, Excel, PowerPoint, and
Access file that is unique to your machine and can be used to
positively identify the machine of origin.

>2. Can they read my terminal?

Of course. They can sniff all the traffic to and from your machine.
Most university systems are NOT encrypted, but might go through a VPN.
If the VPN termination is at a university server, they can capture all
your traffic.

If you mean can they dive into your computer and snoop around, that is
largely a matter of how secure or insecure you setup your computah.
An amazing number of Windoze boxes have open shares or disabled
firewalls that are easily accessible.

>3. What software do they use to know it is my computer?

Ummm... To identify your computer? None. They are not trying to
identify the machine. They're interested in identifying the user.
When you login to the university network, you identify yourself. The
idea is that you can sit in front of any machine, login, and you get
to use the university network. The probably do log the MAC address of
the machine you're using.

>4. Is there any way I can change my hardware address?

Sure. Windoze does not use the MAC address on the card. It uses
whatever it excavates from the registry. Wanna spoof a MAC address?
http://www.gorlani.com/publicprj/mac.../macmakeup.asp (MAC)
http://www.klcconsulting.net/smac/

So, what crime are you planning to commit? Terrorism perhaps? Stolen
wireless card? Many skools will suspend your computer access
privledges if you do something disgusting such as what I suspect
you're planning. Hopefully, whatever it's worth the risk.

Incidentally, I have a friends son who got burned in one of the "zero
tolerance" stupidities at his university. They had a ban on *ALL*
MP3's on university ftp or web servers. He's a music student and
placed some of his own compositions on his web server and was caught
by the university robot security daemon. It took about 3 months to
get his computer access back even though the university admitted that
it was a proper exception.



--
# Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
# 831.336.2558 voice http://www.LearnByDestroying.com
# http://802.11junk.com
# (E-Mail Removed)
# (E-Mail Removed) AE6KS

In article <(E-Mail Removed)>,
Anonymous via the Cypherpunks Tonga Remailer <(E-Mail Removed)>
wrote:

> 3. What software do they use to know it is my computer?

The software is built into the routers or access points. They get a
list of all the MAC addresses that are allowed to use the university
network, and ignore any other machines. This is done to prevent the
network from being a public hotspot that anyone can hook into.

--
Barry Margolin, (E-Mail Removed)
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***

Anonymous via the Cypherpunks Tonga Remailer <(E-Mail Removed)> writes:

>In order to get onto a university's wireless system, I would have to give the sysops the identity of my computer, which looks something like

>00:bc:44:e3:ad:21

>1. Does this mean the government fascists can find me anywhere in the world if they know this hardware address?

No.



>2. Can they read my terminal?

If you let them in.


>3. What software do they use to know it is my computer?

???


>4. Is there any way I can change my hardware address?

Yes, you can spoof your address if you have the right card, but why?

The harware address is used to address your machine on the local net (ie
after the ip address has narrowed it down to your local net)

> No. The client MAC address is not transmitted in the TCP/IP packet
> header. Only the ethernet packet header contains the source MAC
> address and that ends at the switch or router.

Do you remember when the MAC address was also part of Microsoft Word
document headers?

http://www.iss.net/security_center/a...ing/Methods/Te
chnical/Spoofing/MAC/default.htm

So in terms of being tracked globally, from a technical point of view it
depends on precisely what is meant although in the context of being
pinpointed by a nice big arrow on a big screen in Big Brother Central
Ops, No.

David.

On Fri, 12 Aug 2005 19:19:11 +0200 (CEST), Anonymous via the Cypherpunks
Tonga Remailer wrote:

> 4. Is there any way I can change my hardware address?

To what end? The network administrator needs to know a MAC address in order
to associate your computer to the network. Whatever MAC address you use,
whether the factory assigned MAC address, or the one you spoof; they will
have it, and know which computer it belongs to.

--
Norman
~Shine, bright morning light,
~now in the air the spring is coming.
~Sweet, blowing wind,
~singing down the hills and valleys.

NormanM wrote:

> On Fri, 12 Aug 2005 19:19:11 +0200 (CEST), Anonymous via the Cypherpunks
> Tonga Remailer wrote:
>
>> 4. Is there any way I can change my hardware address?
>
> To what end? The network administrator needs to know a MAC address in
> order to associate your computer to the network. Whatever MAC address you
> use, whether the factory assigned MAC address, or the one you spoof; they
> will have it, and know which computer it belongs to.

You can use different MAC for different networks. Your movements can't be
tracked, unless the netops correlate their log files, which seems unlikely
to ever happen.

But then you must play the game to the bitter end: use different application
layer identifiers, different writing style, etc. Why bother...

-- Lassi

> whether the factory assigned MAC address, or the one you spoof; they will
> have it, and know which computer it belongs to.

Not unless he spoofs someone else's MAC address. They'll have *an*
address but won't know which computer it belongs to.

Unless they bother to hunt him down by triangulating his position via
the access points. (or trace him down the copper path).

David.