If you know the hardware address of your NIC, is it possible to trace your PC, to another location?

[BD2003]

Say your PC was stolen, on a college campus.

Every NIC has its own MAC address. If someone were to reconnect it to the campus network, would they be assigned a different IP since theyre in a different location? And wouldnt that IP correspond to a specific location, ie, their room? But since the MAC address is the same, you'd know its yours, and you could go kick his ass?

Or does the IP stay the same, but is still otherwise traceable by tracing the route through the switches or pinging or numerous other programs?

Noones stole my computer yet, but its happened to a few friends of mine, and I'd like to know if its at all possible.

I'd assume all you'd need is a helpful IT staff, who would probably have all the connection logs, and could tell you everything you needed to know?

 

[LukFilm]

I'm quite sure that the IP address changes with location.

 

[BD2003]

Regardless, the IT squad at your school should be able to somehow search for a MAC address, on their own network, right?

 

[rbaibich]

Yes, you could scan the MAC adress, but only inside your LAN, so you have to suspect where your computer is in order to find it. Not only that, you must have something to prove that your computer had a NIC w/ that MAC address.

 

[BD2003]

It can be proven, because our PCs have to be registered to work on the resnet. The MAC address is listed with the person who registered it, and you need your own password to do so.

Since the campus is one big LAN, would the IT people be able to scan? I'd doubt you'd be able to do so, but if your computer was stolen, and they have the power to find it, why wouldnt they?

 

[Paulson]

So someone stole your pc?

Why not just ask? If I knew what you did, I'd already be asking.

At least ask. That way you wont have to sit and ponder if they will or wont

 

[BD2003]

Like I said, noone stole my PC.

I dont want to start a fuss with the IT people over a "just in case" question.

Besides, I'm not so much concerned with whether the IT people will help or not, I'm mainly concerned with whether its technically feasible or not.

 

[rbaibich]

<< Since the campus is one big LAN, would the IT people be able to scan? I'd doubt you'd be able to do so, but if your computer was stolen, and they have the power to find it, why wouldnt they? >>



Well, the campus is not one big LAN. It's several LAN's linked up. If your PC's need to be registered in the resnet in order to have network access, then yes, IT people could trace it anyway. If not, routers, some hubs, switchers and such should block the MAC address from being publicated outside the LAN.

 

[PhiI2e]

Just write down the mac of your nic just in case....then when someone steals your pc, go kick their ass with all your friends (that had theirs stolen) to back you up. Break one of his fingers so he cant type

 

[E3Art]

im a little rusty here, but if you know your MAC you should be able to find the IP using ARP(address resolution protocal), and if you know the IP you should be able to find the MAC using RARP(reverse address resolution protocal). (or is it the other way around?) your IT department will know.


you may want to post this in the networking section instead. they may know more

 

[smp]

"Break his fingers so he can't type"

hehehehe. The ultimate nerd punishment.. kind of like in Kingpin when they chew up his bowling hand with the ball return (yes, I like bowling ).

 

[thomsbrain]

I though MACs could be seen from anywhere... I mean, the IP information is based on top of the MAC stuff, so it must be down there somewhere. You ought to be able to trace it across the internet... but I don't know for certain.

 

[Nack]

There is a piece of software you can get that supposedly "secures" your PC. The idea is that if your PC is stolen, it will "call home to mama" so to speak, the first time the thief hooks it up to the Internet (at least if the thief is too lazy to reformat). I forget what it is called, because I thought it was a dumb idea at the time (the format problem), but it is out there if you are really worried about it and you think the probable thief will be stupid (i.e. will not reformat and/or will not bother to replace the NIC).

Nack

 

[sohcrates]

the way my school works is that you are "locked down" by your MAC. i.e. if something comes from your IP, then it can be proven that it came from your NIC

a girl had her laptop stolen last week and came down to me (tech support)

basically, only way to get it working on campus network would be to re-register to your room with the new MAC, and it's quite simple for the security office to look that up and tell you what room it's registered to

BUT, any thief worth their clout would know this and either get a new card or use a modem...and that's what happened with this girl, they didn't find anything

 

[ucdnam]

I know that at my school, UC Davis, IT has on occasion caught thieves who stupidly use stolen laptops on campus. Our campus requires you to register the MAC address of your computer and this is stored in a DB along with your name and other info. When it is stolen, you report it to the authorities and they tell their software to look for the MAC address. If it shows up on the school's network, then cops are sent out to the port and the thief is caught.

 

[kjmcdonald]

This is possible to track but it would take intervention by the schools
networking group.

Ethernet works by layering the IP address over top of the MAC address.
Both are listed in every packet that is sent out on the network by your
machine - however the MAC address only stays in the pack until the
the packet crosses through the first router. Each router the packet
passes through changes the 'from' MAC address of the packet to be it's
own MAC address, but it leaves the 'from' IP address as yours. What this
means is that you can't just plugin and scan for a MAC address - you
won't see it unless there are no routers between you and it.

As I said abouve though, it *is* possible. These days, every switch,
router, and even some hubs remember every MAC address they've seen
(since rebooting anyway) and more importantly they remember what port
they saw it on. By scanning what MAC addresses the routers have seen,
the network people could track down what section of the network it had
been used on, and then proceed to work their way through the other
switches to search out how it is connected. In a fully switched network
(well if they switches are smart enough) it may actually be possible
to trace it all the way to a single port in the wall. If there are
'dumb' switches or hubs, then it still should be possible to narrow it
down to 8, 16, 24 or maybe 48 possible ports.

-Kyle