MAC Address - Touch Pro2, Tilt 2 Windows Mobile General

Greetings...I'm trying to determine the MAC address of my HTC TP2's 3G radio. I am setting up a firewall rule to only alow a specific MAC address to pass for specific services. Any ideas as to how to determine the MAC address of the internal radio?
Thanks,
Chris

chrisb009 said:
Greetings...I'm trying to determine the MAC address of my HTC TP2's 3G radio. I am setting up a firewall rule to only alow a specific MAC address to pass for specific services. Any ideas as to how to determine the MAC address of the internal radio?
Thanks,
Chris
Click to expand...
Click to collapse
MAC of the 3g radio...? Certainly you mean the wlan radio.
When I enable wifi in WinMo, there's an "advanced" button at the bottom. Then choose wi-fi info, IP and MAC.

Response....
Not the WiFi radio...the 3g radio as I need access outside my network through a UTM. I guess the first question should have been, is there a MAC associated with the 3g radio?
Thanks,
Chris

chrisb009 said:
Not the WiFi radio...the 3g radio as I need access outside my network through a UTM. I guess the first question should have been, is there a MAC associated with the 3g radio?
Thanks,
Chris
Click to expand...
Click to collapse
Odd.
I'd guess there is, but I've never heard of anyone caring about it lol. IP probably wouldn't work so well either, what about hostname or smth else?
What if you lose your phone?
I'll see what I can dig up.
Edit - wait... if your packets are going thru a layer-3 router (which undoubtedly they are at some point) the MAC will be lost. So this won't work at all, even if you did find the MAC of your phone.

Response...
I couldn't find anything through searches....The IP would be of a dynamic nature so I couldn't use it however the thought about a host name is an idea. I'll have to inspect the packets to determine if a host name is present. On my inital inspection I captured a MAC however that MAC seems to be dynamic and did change a few times using one of two MAC'S thoughout the capture. Also...during the capture I captured IPv6 MAC's....not IPv4. I'm just wondering if the CDMA network assigns a dynamic MAC instead of using a hardware based MAC? I would find this highly unlikely however it could be a possibility.
Thanks,
Chris

chrisb009 said:
I couldn't find anything through searches....The IP would be of a dynamic nature so I couldn't use it however the thought about a host name is an idea. I'll have to inspect the packets to determine if a host name is present. On my inital inspection I captured a MAC however that MAC seems to be dynamic and did change a few times using one of two MAC'S thoughout the capture. Also...during the capture I captured IPv6 MAC's....not IPv4. I'm just wondering if the CDMA network assigns a dynamic MAC instead of using a hardware based MAC? I would find this highly unlikely however it could be a possibility.
Thanks,
Chris
Click to expand...
Click to collapse
Please read my edit about layer-3 routers. I'm having this same problem at work, in relation to sniffing VoIP RTP streams passively. When crossing a layer-3 router/switch, the MAC is lost in transit.

Response...
I believe I finally nailed down the actual MAC address. My packet monitor was set for the monitoring a different port on the switch.....should have been set for X1 instead of X0. I'll make the changes to the firewall and all should be good. This exercise is for a handheld utilizing a SIP client tied into my VoIP server....I only allow specific SIP clients to access my VoIP server....helps prevent hacking and unauthorized phone use.
Thanks,
Chris

Response...
I'll report back my findings after I make the configuration changes.....I am assuming this will work as I already have this in place for all SIP providers currently in use.
Thanks,
Chris

Findings....
Ok...one small detail I forgot.....is that MAC addresses change with each hop. With that being said.....the only way to "filter" incoming packets is to filter by IP address. I currently filter all SIP related protocols by carrier/provider IP address. Now this creates an issue due to the fact handhelds outside of the network will have dynamic IP's assigned by the cellular carrier. I'll have to continue to research this....I believe the only work around might be a VPN tunnel originating from the handheld into the network.
Thanks,
Chris

chrisb009 said:
Ok...one small detail I forgot.....is that MAC addresses change with each hop. With that being said.....the only way to "filter" incoming packets is to filter by IP address. I currently filter all SIP related protocols by carrier/provider IP address. Now this creates an issue due to the fact handhelds outside of the network will have dynamic IP's assigned by the cellular carrier. I'll have to continue to research this....I believe the only work around might be a VPN tunnel originating from the handheld into the network.
Thanks,
Chris
Click to expand...
Click to collapse
That's what I told you, twice now...

Actually..
You mentioned loosing the MAC address across a layer 3 router....the MAC address is lost across any router regardless of it's layer capability thus I will implement a different solution.
Chris

chrisb009 said:
You mentioned loosing the MAC address across a layer 3 router....the MAC address is lost across any router regardless of it's layer capability thus I will implement a different solution.
Chris
Click to expand...
Click to collapse
What router operates only at the layer-2 level? lol.

Related

[Q] Change device id for wifi?

My wife and I both have evo's. When at home on wifi my netgear wgr614v7 router seems to have issues connecting both properly. It seems to be a device name problem. Both phones have the same name, different mac addresses but the router us giving them both the same ip address. I have setup static routes to each phone, which helps get different ip's, but I'm still having connection problems with one phone when both are being used.
Is there a way to change the name that my evo broadcasts to my router?
Hers is stock and I am using Fresh's rom.
travlincablguy said:
I have setup static routes to each phone, which helps get different ip's
Click to expand...
Click to collapse
They will anyway get different IP's (I'm talking about private IP 192.168.*.*), for device id maybe someone can edit that in .wireless tether .apk for you because as far I can see that part is kind of integrated and hidden inside.
I am not using the tether function. The static route I setup ensures that every time my evo with it's mac address ending in :d2 always gets 192.168.0.6, Heather's phone is always .3.
Thanks for your input, but I don't think you understood what I was asking.
travlincablguy said:
My wife and I both have evo's. When at home on wifi my netgear wgr614v7 router seems to have issues connecting both properly. It seems to be a device name problem. Both phones have the same name, different mac addresses but the router us giving them both the same ip address. I have setup static routes to each phone, which helps get different ip's, but I'm still having connection problems with one phone when both are being used.
Is there a way to change the name that my evo broadcasts to my router?
Hers is stock and I am using Fresh's rom.
Click to expand...
Click to collapse
I'm thinking you could change the device name in the build.prop in the system folder.
Ahhah, thank you sir, I will look into that.
Edit: after looking threw build.prop I could not find the device id. Which is a bummer. I finally talked my wife out of her iphone and she is now a bit pissy about not being able to use the internet at the same time. No 3 or 4g service at the house either. We have to use an airrave to talk on the phone.
What's the device name in your router?
Also, FWIW, your router shouldn't have any problems with two different MAC addresses connecting. DHCP ID is irrelevant. It sounds more like your problem is a bad router, you're on the edge of its range, or there's something deeper wrong (ie, some other piece of network hardware). As far as I know, you can't change the DHCP Client ID on the phone. It's always been android_(sting of letters/numbers) for me, and it correlates with the Exchange device ID (if you use an Exchange account).
That is the id that shows up. I am thinking the router needs to go. I cannot live without any of the devices that I have connected to it. I do appreciate your insight.
Heh, you good sir are in luck:
http://review.cyanogenmod.com/#change,2164
http://review.cyanogenmod.com/#change,2165
CyanogenMod 7 ('unno about 6) just got a feature to let you change the DHCP client ID.

MAC Address Changing with every Reset?

Just updated my HD7 to the update with internet sharing. After this, I can confirm that every time I reboot my phone, I get a new mac address. Which prevents me from connecting to my MAC-address-filtered wifi. I've done it 6 times and gotten 6 unique MAC addresses.
Does this happen to anyone else's phone? HD7 specific? or all phones with internet sharing? My internet sharing is turned off.
That's strange, I've never heard of a device with a dynamic MAC address before. Does your phone have one printed under the battery?
Nope, just IMEI, SN and PN. No MAC address.
This must be related in internet sharing somehow.
silvertonesx24 said:
Does this happen to anyone else's phone? HD7 specific? or all phones with internet sharing? My internet sharing is turned off.
Click to expand...
Click to collapse
I can confirm this on my HD7.
MAC changes on every reboot.
I confirm too,i have the issue of mac adress changing every reboot
& my wifi is not visible since the update,My wifi is N and i can only see wifi G near me but not mine
hi
for me too : mac adress change after shutdown.
for time don't shutdown the phone to have same mac adress with my internet box.
htc support tell me that they will answer on monday.
but i think it's a big problem with this update...
Ben
That's a bit strange. Normally you can't change MAC's for yourself, only spoofing is possible. If WP is really changing the MAC adress with every reboot, WP needs a valid MAC adress block licensed from IEEE, otherwise it would be a violation against IEEE.
I thought mac address we're never aloud to change!?
Lol that's illegal as all hell, a dynamic mac address
Gotta be a glitch in the firmware surely? No way that's allowed. Your definitely sure it's not a dynamic IP address you're seeing?
Sent from my SGH-i917 using Board Express
ive also asked this question a couple of days ago right after applying the htc internet sharing update. and ive posted my question here (entry #38) and people provided good answers about it. hope this helps
Yes, mine also changes it's only when i read this thread and test my hd7 and i notice the changes.But I S is a breeze.
The issue is that some people assign static IPs to devices on their home networks, and this is done in most routers via MAC address coupling (MAC a always gets IP z and so forth). That way you can simply block all devices you and people in the residence do not own. I do it on all my machines for development reasons, cause I like knowing I can always use x IP address to get at a certain machine even if I turn it off or it's down for a while for repairs. The IP never changes as long as I continue to use that specific network card in the computer.
I don't know why they would do that. Perhaps for security reasons?
I have the same problem - cannot connect to my University WiFi network as the MAC address keeps on changing....
This is crazy!
They better get on that quick! They could get in a lot of **** for that
putting aside the weird WP7 behaviour for the moment...
MAC filtering is useless as a security measure. It's trivially spoofable by anyone who actually wants to attack your network, and causes a pain in the arse for yourself. do yourself a favour and disable it already. the only thing it might be good for is router-side internet access control of your technically challenged 8 year old who doesn't know how to use google.
just use a strong password i.e. 20+ characters alpha (upper & lower) + numeric + special characters, and proper wireless security (WPA-2 AES, or at least WPA AES) and you'll be just fine.
Confirming
That update was a bag full of $$$$ !Luckly I was able to restore through Zune,but my Bootloader (SPL) was also updated to 5.01 and no way of going back!
With regards to the missing WiFi network - make sure it's not using Channel 13. The new update seems to disable the use of Channel 13 for some reason.
There is also another issue with the changing MAC's - I believe that some "public" WiFi networks such as the cloud use the MAC to remember your device and allow it to connect...
primexx said:
putting aside the weird WP7 behaviour for the moment...
MAC filtering is useless as a security measure. It's trivially spoofable by anyone who actually wants to attack your network, and causes a pain in the arse for yourself. do yourself a favour and disable it already. the only thing it might be good for is router-side internet access control of your technically challenged 8 year old who doesn't know how to use google.
just use a strong password i.e. 20+ characters alpha (upper & lower) + numeric + special characters, and proper wireless security (WPA-2 AES, or at least WPA AES) and you'll be just fine.
Click to expand...
Click to collapse
Mac filtering is not useless as a security measure. It's not used by itself. It's used in conjunction with other methods, the same way businesses also hide their wireless network's SSID.
I'm not filtering on an Open Connection. That would be retarded.
Seriously...
GrahamWager said:
With regards to the missing WiFi network - make sure it's not using Channel 13. The new update seems to disable the use of Channel 13 for some reason.
There is also another issue with the changing MAC's - I believe that some "public" WiFi networks such as the cloud use the MAC to remember your device and allow it to connect...
Click to expand...
Click to collapse
im not sure though but im guessing so does other apps with secured log in parameters. i do have the bank of america app. right after i did the update, and after inluding the new mac to my networks allowed list of mac addresses, the boa app again posted a message saying that the device where im accessing boa has not been used previously to access the account. so im guessing that it saves all the mac addresses of devices that accessed a boa account.

Help... Wifi Mac Address Changes On Every Reboot

Hey fellow GN users!
I seem to be having a problem with my wifi mac address changing every time I reboot... I was wondering if this is a hardware or a software problem? I have mac address filtering set on my router so it would be convenient if the mac address didn't change... I'm still on my first week with the phone and I want to make sure everything works before my 14 day period is over. Is anyone else having this problem? Anyone know a fix if they are having the problem? Any help would be most appreciated! Thanks!
Galaxy Nexus (LTE)
Unlocked, Rooted
Flashed with Android Revolution HD 2.1.2
Welcome to the club!
http://code.google.com/p/android/issues/detail?id=23330
From my support call to Samsung, this is apparently a software issue, but I'm not sure I believe that 100%. For me, I switched my home wifi around to use WPA-2 with a ridiculously long password and no MAC filter to make me no longer care, but that's just me I'm secretly hoping to be the guy that can tell Google "hey - you fixed it!!", probably why I don't push harder to exchange my phone.
Please add a comment/star to my Google Code issue if you don't mind; the more people that chime in the better off we will be. I truly believe that a lot of GNs have this problem since it's not something that most people would notice.
If getting rid of your MAC filter is impossible, you should really consider exchanging your device, I imagine it will be quite a while (if ever) for this to get fixed. Call me a pessimist if you must.
Odd, isn't a MAC address suppose to be hard flashed to the radio?
Mine started changing the Mac address today after rooting. The last month with it running stock, no issue. Hmmm, used the Galaxy Nexus tool kit for rooting.
MAC address filtering is not really a good security measure. It is very easy for someone to see the MAC addresses connected to a particular WAP and clone one of them.
You are much more secure using WPA2 with a decently long password.
I just started experiencing the problem yesterday. My phone DID have a 2c:44 address and I switched roms pretty frequently. I flashed an update to the Codename rom that I had been using for a while, and I wasn't able to connect to my router. Knowing what I thought I knew about MAC addresses I didnt think about it, i rebooted all sortsa crap, then thought what the hell check the mac filter list, and sure enough mine had changed, and now i'm sporting one of the dreaded 00:90:4c addresses and the last few characters change every reboot... I am not a happy camper.
I understand how it isn't an amazing security option, but in a small apartment building in the sticks in PA I know my neighbors have no idea how to get around it. WPA2 uses up too much bandwidth overhead for streaming 1080p over wifi. That's why I dont use it and use MAC filtering.
acroanidd said:
I understand how it isn't an amazing security option, but in a small apartment building in the sticks in PA I know my neighbors have no idea how to get around it. WPA2 uses up too much bandwidth overhead for streaming 1080p over wifi. That's why I dont use it and use MAC filtering.
Click to expand...
Click to collapse
It is not a bandwidth overhead but a resource hog. But I get your jist. I save all my HD streaming for wired.
Have you done an EFS partition backup?
Sent from my Galaxy Nexus using XDA App
I didnt know what and EFS partition was until I just googled it and I've been rooting / rom'ing phones and devices (5 different phones and 2 tablets) for the last 2 years and never once heard of it.. that being said i did a nandroid backup and restoring it did not help
I'm going to try Odin flashing back, I read somewhere it fixes IMEI / EFS corruption, heres hoping it works for wlan mac addresses. Only place I found an Odin image of it was from megaupload so it will take a long time to get it...
Edit: if you clicked on the link for the firmware i posted, do NOT click it, i think that was GSM
Well that was a bust, odining back didn't help... I dont want to risk swapping the phone out considering i put one of those zagg screen protectors on it for a phone that is going to have the same problem... I am concerned because of the fact that i did have a valid sticking mac address, and all of a sudden it just stopped which leads me to believe it is totally software related.
frogskins said:
MAC address filtering is not really a good security measure. It is very easy for someone to see the MAC addresses connected to a particular WAP and clone one of them.
You are much more secure using WPA2 with a decently long password.
Click to expand...
Click to collapse
Was just about to say it. +1000. There is nothing about MAC address filtering that is secure. Anyone can spoof the MAC address, and its easy to intercept them when in range.
Use a normal security protocol and you'll be better off all around. MAC filtering is just a hassle anyways.
martonikaj said:
Was just about to say it. +1000. There is nothing about MAC address filtering that is secure. Anyone can spoof the MAC address, and its easy to intercept them when in range.
Use a normal security protocol and you'll be better off all around. MAC filtering is just a hassle anyways.
Click to expand...
Click to collapse
Thank you for your concerns however as I said before I dont need crazy security, I just had to deal with rednecks connecting to my router using torrents a couple times. Since that has happened and i enabled mac filtering I haven't had any problems (i would know because my internet bandwidth would go to crap)
Actually setting up WPA2 is more of a hassle than logging into a router, clicking on one link and typing in the mac address rather than somehow finding a way to configure my network to handle the bandwidth with WPA2, which I have tried, but even with a dual band n wireless ethernet bridge with gigabit out to a gigabit switch doesnt do the trick, disable wpa2 all of a sudden all my video stuttering woes go away.
That is at a personal level, at work I have MAC filtering not to connect as a security measure but my ip address is assigned based on it, and well it's much more complicated than at home... please if you are going to post something in this thread try to be helpful.
acroanidd said:
Actually setting up WPA2 is more of a hassle than logging into a router, clicking on one link and typing in the mac address rather than somehow finding a way to configure my network to handle the bandwidth with WPA2, which I have tried, but even with a dual band n wireless ethernet bridge with gigabit out to a gigabit switch doesnt do the trick, disable wpa2 all of a sudden all my video stuttering woes go away.
That is at a personal level, at work I have MAC filtering not to connect as a security measure but my ip address is assigned based on it, and well it's much more complicated than at home... please if you are going to post something in this thread try to be helpful.
Click to expand...
Click to collapse
Again, it has nothing to do with bandwidth. It has everything to do with the devices ability to encrypt and decrypt packets at full speeds, which obviously your device cannot do. You might want to step up to something a little more powerful.
I can do 1080p streaming on a G network with WPA2 enabled. The difference between my setup and yours? I am using an enterprise grade WAP (Cisco 1242). It has no problems whatsoever doing the encryption and decryption at the full wireless speed.
And I think you mentioned you were located in Central PA, and all you had to protect from was hicks. Well, I am one of those hicks (Live in Central PA as well) and I LOVE cracking in to WAPs
I am having this issue now. any solutions?
acroanidd said:
Thank you for your concerns however as I said before I dont need crazy security, I just had to deal with rednecks connecting to my router using torrents a couple times. Since that has happened and i enabled mac filtering I haven't had any problems (i would know because my internet bandwidth would go to crap)
Actually setting up WPA2 is more of a hassle than logging into a router, clicking on one link and typing in the mac address rather than somehow finding a way to configure my network to handle the bandwidth with WPA2, which I have tried, but even with a dual band n wireless ethernet bridge with gigabit out to a gigabit switch doesnt do the trick, disable wpa2 all of a sudden all my video stuttering woes go away.
That is at a personal level, at work I have MAC filtering not to connect as a security measure but my ip address is assigned based on it, and well it's much more complicated than at home... please if you are going to post something in this thread try to be helpful.
Click to expand...
Click to collapse
WPA2 isn't crazy security. I wouldn't recommend anybody running anything less than WPA2 with 256 bit AES encryption. If you can't run that I recommend upgrading your hardware.
so... i just started having this issue after my battery died last night now today I have a different MAC..
This has to be fixed at kernel level or maybe a script to set the mac at bootup time can be used. really annoying and stupid

[Q] Ip address switches between tmobil and DoD

So no to long ago I decided I would check the my phone's ip address and came across some questionable stuff. Here's my question:
1) How is it that my phone's ip address can change from being registered to tmobil on a 100.x.x.x address to sporadically being registered on DoD 30.x.x.x address?
2) How can it still happen even after I installed android firewall?
Conditions are always the same. I don't download any shady anything's. I pay for my rhapsody account and that's as far as my file sharing goes. I never have my WiFi enabled.
Any ideas or let me know what info you'd need to better access the situation. Thanks.
Without knowing what the allocated ip address really was, there it's really no way of knowing who the current owner of the block is, many blocks are relocated and may no longer be with who they used to be with, especially ipv4 blocks.
Not sure what android firewall would have to due with what the remote ip you are being allocated to with your dhcp network connection.
You should have no real control over what your network connection is given when you connect, other than possible controlling ipv6 vs ipv4.
krelvinaz said:
Without knowing what the allocated ip address really was, there it's really no way of knowing who the current owner of the block is, many blocks are relocated and may no longer be with who they used to be with, especially ipv4 blocks.
Not sure what android firewall would have to due with what the remote ip you are being allocated to with your dhcp network connection.
You should have no real control over what your network connection is given when you connect, other than possible controlling ipv6 vs ipv4.
Click to expand...
Click to collapse
So does this help? the firewall lets me know that even though I have set it up to refuse the block of addresses in which in resides, they're still connection to my phone.
Not sure I'm understanding you anyway. You telling me they temporarily relocate my up because they re no longer with.... yet after a few minutes , sometimes hours, I'm right back to the same ip?
What he was saying I believe is that the IPv4 allocations have been changing do to the available IP address blocks running thin. Companies were encouraged to give up IP blocks that they weren't actually using. In simple terms, a company might have originally owned a block of 100,000 IPs but never actually used more than 50,000. So they gave back a block of 50,000 so another company(s) could use them instead.
I don't believe the IP address' are static on a carrier. I'm not sure but each time you connect to the carrier network (no signal or airplane mode) you could be giving a fresh IP address. Also that is certainly the case if you are on a WiFi network. Unless you phone was set up as a static connection, you would likely receive a new lease on an IP address.
Found this which sounds similar to what you are seeing.
https://blog.wireshark.org/2010/04/t-mobile-clever-or-insane/
chipworkz said:
Found this which sounds similar to what you are seeing.
https://blog.wireshark.org/2010/04/t-mobile-clever-or-insane/
Click to expand...
Click to collapse
Exactly. Internal allocate IP's are normally Natt'd and not actuall the IP you show up on the Internet as.
When you connect to your provider for Network (not using WiFi), the provider (most likely T-Mobile) will allocate an IP to you via DHCP. That IP is what your phone uses to talk to the provider. It most likely is NOT what you look like when you hit the Internet though, that will most likely be a different IP because TMobile is most likely not providing you with an Internet routable IP.
So, right now, I turned off WiFi and I got the IP 100.143.28.84. When my phone touches the Internet though, it shows up as 206.29.182.169.
So at that point in time, my phone is using 100.143.28.84 to get to T-Mobile's network and the Internet sees my phone as 206.29.182.169. the outside IP is in TMobiles published block. And why the internal IP is also, it really doesn't matter what it is because that is not what your phone looks like when it gets to the Internet.
It is possible in your area there are different networks available internally that are given to you when you connect depending on where you physically are and what towers you are closest to. At some times you get the 100.x network and you might even get the same IP as before because of a lease of that IP to your device, but then you move to a slightly different area which is handing out 30.x addresses. All perfectly normal. and the internal IP's really don't matter much.
You can use a search of Whats My IP to see what the Internet thinks your IP is when you get there.
With some providers (Verizon for example) if you are using ipv6, you will always get a non-routable IP, meaning that if you figure out your Internet IP, an outside connection may not get back to you unless your device initiated the connection, but if you use ipv4, they gave you a temp IP that would end up with a routable IP back. You could then use that to connect to your phone using something like VNC or other service. Now days, that is much more likely not the case unless you are paying for that special IP service. I don't know if Tmobile offers that type of service, but Verizon did at least a year or two ago.
In anycase, you firewall shouldn't matter unless you don't want to access your providers network.
In lamens terms I think he's talking about an internel subnet mask
chipworkz said:
Found this which sounds similar to what you are seeing.
https://blog.wireshark.org/2010/04/t-mobile-clever-or-insane/
Click to expand...
Click to collapse
That was a very interesting article. If the author's theory is correct, T-mobile was playing some cute and dangerous IP games in 2010.

MAC Changes?

I'm trying to get my Z2 connected by IPSec to my LAN. Part of that is I want to have it always get a known IP address.
Well the mechanism that most DHCP servers use is setting the MAC to assign a known IP. But checking the logs I find that the Z2 changes MAC every time I establish a new VPN connexion! WTH?
I mean, normally I would see this as a benefit, but I need to be able to pin down what is what so I can give it its rightful IP address, so I can find it later.
When I check interfaces with ipconfig, there are about a dozen of them, and the one getting the VPN IP is tun0.
Nogat 7.1.1, rooted. Anyone know what's going on here?
No one's getting random MACs...

Categories

Resources