0

Looking at this related SO question, I can't help but wonder about the uniqueness of MAC addresses.

How unique are MAC addresses?

I'm using them to semi-uniquely identify users. I have a website that users of virtually any device (PC, Mac, iPhone, Android phone, etc.) and any OS can hit via an HTTP request. I use a combination of IP address and MAC address to identify unique users.

I assume the following cases can exist:

  • A device has no MAC address (unlikely, sure, but anyway)
  • A device has a unique MAC address
  • A device has multiple unique MAC addresses
  • Two or more devices have the same MAC address

The first three of these cases are unique (the third because I only need a single unique MAC address). For the fourth case, how likely is this?

That is: given 100 random users (perhaps Windows users for any Windows OS), how many of them can I expect to have the same MAC address? Is it just generally because of the limited length of MAC addresses? Or is it dependent on some sort of purposeful configuration change (MAC address spoofing)?

I'm okay with MAC addresses being semi-unique, I just want some clarity on how to interpret the data.

(I'm using the C# code against .NET 2.0 in the linked question against .NET 2.0.)

Community
  • 1
  • 1
ashes999
  • 9,925
  • 16
  • 73
  • 124

3 Answers3

3

This is only true on the same network.

MAC addresses are resolved locally using ARP to route local packets at a hardware level. ARP is not a routable protocol and is not resolved across subnets.

If your webserver is behind a router with port mapping and all the incoming traffic to it is coming from that router, then every connection will appear to come from the MAC address of the router, you won't 'see' the MAC address of the original machine, not unless you can pick it up with a web page somehow (i'm not a web genius so don't ask me on that one, but Im guessing you'd need some heavy lifting at the client end with Java, or some other kind of active component to interrogate the local machine, easier to use a cookie)

You can find out the Public IP address of the remote machine where the outgoing NAT took place, but once again, there could be multiple device connecting from behind a router which would limit the usefulness of this method, and it means need to look into IP packets, which I have no idea how you can do that from a web server (probably can't?).

Anyway, this is what cookies are for, a way of leaving an identifier on a remote machine so you can see where traffic came from. If people don't accept cookies, unless you start getting very very creative you aren't going to be able to uniquely identify them.

(BTW Mac address are always unique (ok, you can occasionally find a reused MAC, but its extremely rare, or at least needs to be for networking to work!), thats the purpose of them, it's just not much help in this scenario if you are not on the same network)

Ray Barber
  • 31
  • 2
1

100 random users (perhaps Windows users for any Windows OS), how many of them can I expect to have the same MAC address?

Zero. And when they are in the same network, they could not communicate with the same MAC-Address, since Ethernet uses them to find the Computer. They are pretty unique. Producers of network cards get ranges of addresses they may assign to their products.

But: There are ways to manipulate your MAC Address, and there are scenarios where people do just that! For example when you want to enter a network, which is restricted to certain MAC-Addresses, you can manipulate your own to match one of those (if you find out, which ones are on the whitelist). Since I don't know, what your szenario is, (what you wnat to accomplish), I can not tell you if that is relevant for yout.

kratenko
  • 7,354
  • 4
  • 36
  • 61
  • In my case, I'm using it plus the IP as a unique identifier for any given user. Users may be desktop, Windows, Mac, Linux, or may be on any of the various mobile phones out there. – ashes999 Jun 04 '12 at 13:19
  • 1
    @ashes then pay attention that in many cases IP addresses are dynamic and may change for multiple requests from one computer. Identifying a computer by that is dificult. By MAC you identify (not definetly) the network device of the computer (which might have more than one). IP-addr can change for multiple reasons. – kratenko Jun 04 '12 at 14:51
  • Okay. That doesn't answer my question, but thanks, that's very useful for me to know. Assuming static IPs is absolutely a mistake. I guess MAC is sufficient as a semi-unique. – ashes999 Jun 04 '12 at 14:55
0

You just need to understand the difference between a MAC Address (that can be changed) and the identifier of your hardware [your Network Interface Controler to be precise] (that is forever assigned by its the manufacturer).

MAC address is the name of your device when it connects to the internet (through a rooter or a switch). You can change your MAC Address, but by default, this ID uses the identifier assigned by the manufacturer of the network interface controller (NIC) (e.g. your Wifi antena)

Exemple: I've changed my MAC address for my two computers using the same MAC Address: 00:01:02:03:04:06. My computers seems to be the same when connected to the same router but the identifier of their wifi antena remain unchanged and different.

tmangin
  • 429
  • 6
  • 18