IP Master: A perfect strategy for MAC addresses (I)

Source: Internet
Author: User

If you access the Internet through a campus network or a residential-area network, you have probably heard of the MAC address. What is a MAC address, and what role does it play in a network environment? This article introduces MAC addresses, the differences between MAC addresses and IP addresses, and the security issues that MAC addresses raise in practical use.

I. Basic Knowledge

Today's networks are implemented in layers. As with building blocks, we first design modules with specific functions and then combine them to form the entire network. LANs are no exception. In general, networking follows the IEEE 802 reference model, which, from bottom to top, consists of the physical layer, the media access control (MAC) layer, and the logical link control (LLC) layer.

There are at least three ways to identify a computer on a network. The most common are the domain name, the IP address, and the MAC address, which correspond to the application layer, network layer, and physical layer respectively. Network management generally works with IP addresses at the network layer. However, because a computer's IP address can be set by its user, it is relatively difficult to manage, whereas the MAC address cannot be changed; combining IP addresses with MAC addresses has therefore become a common management method.

II. What is a MAC address?

The MAC address is the address used at the media access layer. It is also called the physical address, hardware address, or link address, and it is written into the hardware by the network device manufacturer at production time. The MAC address is independent of the network: no matter where the hardware with this address (such as a NIC, hub, or router) is connected, it has the same MAC address, written by the vendor into the BIOS of the NIC. MAC addresses can be either 6 bytes (48 bits) or 2 bytes (16 bits); however, as LANs have grown, the 6-byte MAC address is generally used. These 48 bits have defined meanings. The first 24 bits are the vendor code that the NIC manufacturer applies for from the IEEE (the current price is 1000 USD for an address block), and the last 24 bits are allocated by the vendor. This allocation gives every NIC with a 48-bit MAC address a globally unique identifier. The 2-byte MAC address, by contrast, does not require the NIC vendor to apply for anything.

The MAC address is usually written as 12 hexadecimal digits, with each pair of digits separated by a colon; for example, 08:00:20:0A:8C:6D is a MAC address. The first six hexadecimal digits, 08:00:20, are the network hardware manufacturer's number, which is allocated by the IEEE, and the last three hexadecimal pairs, 0A:8C:6D, are the serial number of a network product (such as a NIC) made by that manufacturer. Each manufacturer must ensure that every Ethernet device it makes has the same first three bytes and different last three bytes. This ensures that each Ethernet device in the world has a unique MAC address.
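
The address layout described above can be checked mechanically. The following Python sketch is an added example, not part of the original article; the function name parse_mac and the second sample address are assumptions, and the two flag bits in the first byte (multicast and locally administered, from IEEE 802 addressing) go beyond what the article covers.

```python
import re

def parse_mac(text):
    """Split a 48-bit MAC address into vendor prefix and vendor-assigned part.

    Accepts the colon form used in the article, the hyphen form printed by
    ipconfig /all, and the dotted form some switches print (0800.200a.8c6d).
    """
    digits = re.sub(r"[:\-.\s]", "", text)
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    octets = bytes.fromhex(digits)

    def fmt(part):
        return ":".join(f"{b:02X}" for b in part)

    return {
        "canonical": fmt(octets),
        "oui": fmt(octets[:3]),        # first 24 bits: vendor block from the IEEE
        "serial": fmt(octets[3:]),     # last 24 bits: assigned by the vendor
        # Lowest bit of the first byte: group (multicast/broadcast) address.
        "multicast": bool(octets[0] & 0x01),
        # Second-lowest bit: address was set locally, not from a vendor block.
        "locally_administered": bool(octets[0] & 0x02),
    }

if __name__ == "__main__":
    print(parse_mac("08:00:20:0A:8C:6D"))   # the article's example address
    print(parse_mac("02-00-5E-10-00-01"))   # constructed sample address
```

A locally administered address was set in software rather than taken from a vendor block. An address cloned from another card still shows a normal vendor prefix, so this flag alone does not prove that an address is genuine.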

III. Differences between IP addresses and MAC addresses

The IP address is logical: it is flexible, free from hardware restrictions, and easy to remember. The MAC address is, to some extent, tied to the hardware; it is physical and can be used for identification. Each type of address has its own advantages, and each is used in different situations.

IV. Why MAC address?

This is determined by the networking method. Today's popular Internet access method (which is also the future direction) is to organize hosts into a LAN and then connect them to the Internet through a switch. This raises the problem of how to distinguish specific users and prevent address theft. Because the IP address is only a logical identifier that anyone can modify at will, it cannot be used to identify a user. The MAC address is different: it is fixed in the NIC. In theory, the hardware (the network card) cannot be impersonated unless it is stolen (note: in fact, the MAC address can also be stolen, as described later).

For this reason, the LAN uses the MAC address to identify a specific user. In the implementation, the switch maps MAC addresses to IP addresses one-to-one through a "table"; this is IP-MAC binding.

The communication works as follows: when a packet is sent to a host in the local LAN, the switch receives the packet, maps the IP address in the packet to a MAC address according to the mapping in the "table", and forwards the packet to the host with that MAC address. In this way, even if a host steals an IP address, it will not receive the packet, because it does not have the matching MAC address. Sending works in a similar way to receiving.

In conclusion, a host that has only the IP address, without the corresponding MAC address, cannot access the Internet in this LAN, so the IP address theft problem is solved.

V. How to obtain your MAC address

The MAC address is fixed in the BIOS of the NIC and can be obtained with a DOS command. Win9x users can use the winipcfg command; Win2k/XP users can use the ipconfig /all command. The 12-digit hexadecimal value in the output is the MAC address.

VI. Security Issues Related to MAC addresses

From the above, we can see that this identification method relies only on the MAC address. If someone can change their MAC address, they can steal an IP address and access the Internet for free; the methods currently found on the Internet for free access to residential broadband using MAC addresses are based on this idea. To steal someone else's IP address, you must know the corresponding MAC address in addition to the IP address. For example, to obtain the MAC address of the TARGET host in the LAN, run the ping command, ping target; this leaves a record of the target's address and MAC mapping in the ARP cache on our host. Then query the ARP table with the arp -a command to obtain the MAC address of the specified host. Finally, use the command arp -s IP MAC (the IP address followed by the NIC's MAC address) to map the IP address of the gateway to its MAC address.
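
The IP-MAC binding table described earlier and the weakness described in this section suggest a simple audit: compare the IP/MAC pairs a host actually sees with the binding table. The following Python sketch is an added example, not from the original article; the binding table, the arp -a output, and the names parse_arp and audit are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed binding table (IP -> MAC), standing in for the switch's "table".
BINDINGS = {
    "192.168.1.1": "00:1a:2b:3c:4d:5e",
    "192.168.1.40": "08:00:20:0a:8c:6d",
    "192.168.1.41": "08:00:20:0a:8c:70",
}

# Constructed sample of Windows `arp -a` output.
ARP_OUTPUT = """
Interface: 192.168.1.23 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           00-1a-2b-3c-4d-5e     dynamic
  192.168.1.40          08-00-20-0a-8c-6d     dynamic
  192.168.1.41          08-00-20-0a-8c-6d     dynamic
  192.168.1.77          00-11-22-aa-bb-cc     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
"""

ROW = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\b",
    re.IGNORECASE | re.MULTILINE,
)

def parse_arp(text):
    """Return [(ip, mac)] from `arp -a` output, skipping broadcast/multicast MACs."""
    pairs = [(ip, mac.lower().replace("-", ":")) for ip, mac in ROW.findall(text)]
    return [(ip, mac) for ip, mac in pairs if not int(mac[:2], 16) & 1]

def audit(entries, bindings):
    """Compare observed (ip, mac) pairs with the binding table."""
    findings, ips_by_mac = [], defaultdict(list)
    for ip, mac in entries:
        ips_by_mac[mac].append(ip)
        bound = bindings.get(ip)
        if bound is None:
            findings.append(("unbound-ip", ip, mac))        # address not in the table
        elif bound != mac:
            findings.append(("binding-mismatch", ip, mac))  # IP used by another NIC
    for mac, ips in ips_by_mac.items():
        if len(ips) > 1:                                    # one card, several IPs
            findings.append(("mac-on-multiple-ips", mac, tuple(ips)))
    return findings

if __name__ == "__main__":
    for finding in audit(parse_arp(ARP_OUTPUT), BINDINGS):
        print(finding)
```

A mismatch for a bound IP, or one MAC answering for several IPs, is the trace left by the address theft described above. A host's ARP cache only holds entries for hosts it has recently talked to, so the comparison is most useful when run on a gateway or monitoring host.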


 
