Slashdot Mirror

← Back to Stories (view on slashdot.org)

Using MAC Address to Uniquely Identify Computers

Posted by CmdrTaco on from the now-there's-a-useless-idea dept.

An anonymous reader writes "One of Australia's gaming networks, GamesArena has recently imposed a third party program required to access their gaming servers. One of it's features is that it records your NIC's MAC address to identify your computer, and subsequently in future, ban you if you cheat/break the rules etc. The response from players is mixed. It is not open source software, nor is it optional to install. "Install it or find another server to play on". Question remains, is it going too far?" Definitely not- unfortunately it won't work since MACs are changable.

49 of 561 comments (clear)

  1. buy a new network card by Brian+Boitano · · Score: 5, Insightful

    not banned anymore :D

    --
    What would Brian Boitano do?
    1. Re:buy a new network card by shird · · Score: 5, Insightful

      Why bother? The MAC address is usually stored in flash eprom. Besides, whats to stop you from writing your own rogue '3rd party' program which is reverese engineered from the original, only reports a random MAC address.

      Implementing security/restrictions client side doesnt work. period.

      --
      I.O.U One Sig.
    2. Re:buy a new network card by Crewd · · Score: 4, Informative

      Or just change it in your registry settings (windows only of course), similar options exist for *nix...

      http://www.ntfaq.com/Articles/Index.cfm?ArticleI D= 23256

    3. Re:buy a new network card by quigonn · · Score: 5, Insightful

      And usually, the network card's MAC address is stored in RAM, to make it easily accessible by the different drivers that need it (e.g. Ethernet). This makes it changeable with e.g. Linux's ifconfig:

      ifconfig eth0 down
      ifconfig eth0 hw ether DE:AD:BE:EF:BA:BE
      ifconfig eth0 up

      --
      A monkey is doing the real work for me.
    4. Re:buy a new network card by shird · · Score: 4, Insightful

      Actually, now that I think about it more -- These cable companies (Telstra , optus) force you to use their cable modems, which they have tight control over. If everyone using these servers are using it through these modems, which have their own MAC, they could ban based on this MAC address because it would be sent to them directly via ethernet. - this wouldnt require a client side program however, so probably isn't what theyre doing.

      --
      I.O.U One Sig.
    5. Re:buy a new network card by Anonymous Coward · · Score: 5, Funny

      Congratulations, you just violated the DMCA.

      The MAC address checker is a security measure, and you just published information on how to circumvent it.

    6. Re:buy a new network card by Unkle · · Score: 4, Insightful
      Why bother? The MAC address is usually stored in flash eprom. Besides, whats to stop you from writing your own rogue '3rd party' program which is reverese engineered from the original, only reports a random MAC address. Implementing security/restrictions client side doesnt work. period.

      Not everybody knows how/has the ability to change the MAC address of their NIC. Also, three things stop people from writing that rogue program-Time, Skill (in both programming and reverse engineering), and Desire. Not being a huge online gamer I cannot say with 100% confidence, but I doubt that the majority of gamers using this system want to cheat.

      As for the statement that client side security doesn't work, well that isn't completely true. No, this system is not foolproof as I understand it, but that does not mean that there is absolutely no way this could work 90% of the time, which for a gaming network is not that bad. Sure, for the slashdot crowd, this might be easy to crack, but joe-average on the street probably doesn't have a clue what a MAC address is (or they think they don't have one because they use Windows).

      --
      Against stupidity, the gods themselves contend in vain.
    7. Re:buy a new network card by Znork · · Score: 5, Insightful

      Sure it will work 90% of the time. For the 90% that dont cheat, that is.

      The average Cheater Joe off the street will definitely know exactly how to change it. Which makes the whole exercise pointless.

      Heck, client side security with no passwords and disks shared to the world works great 90% of the time. Unfortunately it isnt the 90% that is the problem. It's the rest. And for the rest, repeat after me, client-side security will never ever ever work. If you dont have physical control over a computer you cannot trust anything it tells you.

  2. Oh this will be pissing people off by Anonymous Coward · · Score: 5, Funny

    1) Get your mac adress banned
    2) Sell Network Card
    3) Some one buys new card
    4) They are banned
    There will be plenty of second hand NICS for sale becuase of this. its a 1 2 3 profit plan.

  3. Re:Changable? by anothermortal · · Score: 4, Informative

    Linksys routers (and otherS) allow you to "clone" the MAC address. Its very useful if your cable company has registered the MAC address of the NIC they gave you. Thus, with filtering software, any other NIC won't connect....unless you "clone" it :)

  4. Ban your Enemies by Anonymous Coward · · Score: 4, Interesting

    It's all too easy. Figure out their IP, get their MAC, put it on your router, get banned, change your MAC back, enjoy your new unopposed domination.

    1. Re:Ban your Enemies by Entrope · · Score: 4, Interesting

      That is a fine plan -- assuming you can find their MAC address. I certainly hope the server-side software is not lame enough to advertise it to all users. Many do not even show clients' IP addresses. "Vanilla" TCP/IP does not have any way to give away the lower-level addresses past the first IP router; this includes the MAC address of some guy with whom you have a TCP session.

    2. Re:Ban your Enemies by Dr.+Evil · · Score: 5, Informative

      Microsoft machines will tell you their MAC when you do a NBTSTAT on them. At least one ISP I know of blocks NetBIOS traffic because of uncontrolled file sharing, but I don't know how common that is.

      Personal firewall software should capture the request or block it too, so there are a few ways to thwart the method.

      Of course you still need the IP address, but that's a little easier to find. You could even do a little social engineering to get it... "Hey check out my website dedicated to your demise!"

      As for changing your MAC, what if the third party program doesn't read the MAC from the network stack, but pulls it from the driver? i.e. using the same calls the Network stack uses to get it in the first place?

    3. Re:Ban your Enemies by Alsee · · Score: 5, Informative

      Of course you still need the IP address, but that's a little easier to find. You could even do a little social engineering to get it...

      No need for social engineering. Anytime you play a game with someone you create an internet connection, that means your machine has to know their IP address. On Win98 (and probably all MS OS's) just open a dos window and type NETSTAT to see the text version of their address (userID.AOL.COM), or NETSTAT -N to see the dotted IP address (123.45.67.89).

      Lots of people hesitate to tell you their IP address, thinking it is some big secret. It's rather amusing to get into a game with them and say "Your IP address is 123.45.67.89, your ISP is RoadRunner, and you are in Southern California, right near the coast".

      How do I do the last part, naming their location? Just type their IP address into visualroute. (Requires Java) One end of the line is fixed at the visualroute server, the line shows the physical location of every server along the route to the target. You can click the map to zoom in.

      It is interesting to note that it is not uncommon for servers locations to be completely different from the country code in the address. For example www.indymedia.org.il (Isreal country code) is actually hosed in Chiago USA. Often it is simply more convient getting content hosted on major US server farms, but sometimes it could be relevant for legal reasons, or it could even be intentionally missleading.

      P.S.
      I used www.indymedia.org.il as an example because it's the only example I remember off hand. I recall that one becase indymedia is anti-isreal, and I suspect the Isreal country code may be intentionally missleading. The indymedia "news" sites are certainly independant, but in my oppinion extremely biased and unreliable. It is a good source for certain stories the "major media" may have neglected, but double check any information you get there. The writing often drops to the level of pure propaganda.

      -

      --
      - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
  5. Ban the IP. by lennywood1 · · Score: 5, Interesting

    Too many violations from that IP range? Ban the /24 it came from. Send back a "Too many cheaters from your ISP" error. MACs are too easily changed, but then again, so are IP's. But considering most gamers have DSL with a static IP, an IP ban is a much better option.

  6. Re:Changable? by snookerdoodle · · Score: 5, Funny

    Uh, that might actually BE the point - anyone with $10 for a new NIC can change their MAC address, no brains required...

    If you have brains, you can save $10... ;-)

    Mark

  7. OMG OMG G4/\/\354R3|\|4 0\/\/5 J00! by pumkinut · · Score: 4, Funny

    As if people whining on CounterStrike weren't bad enough, now we have to listing to 14 year olds complain about having to buy a new NIC every time they cheat online.

    --
    "It's hard to be a man when there's a gun in your hand"
  8. This will work for a while... by MagicFab · · Score: 4, Insightful

    ...until the MAC address generators have gone through all the "MAC-space" of possible addresses...

    Wireless APs like Linksys' already come with a web admin that lets you specify *any* MAC address, apparently to please some cable/adsl providers that measure traffic/authenticate (partly) based on this.

    Why not provide a public key server and ask people to submit they public OpenPGP key, signe by P. Zimmermann himself ? Get your identity trusted by Z. or go play somewhere else... After all, this seems to imply they want "real" players!

    --
    Notepad specialist & FAT administrator, group training available
  9. It's even simpler.. by XaXXon · · Score: 5, Informative

    There's really no need to change your MAC address.

    They're violating the simple rule about never trusting the client. All you have to do is modify this third-party program to have it spit out a random MAC address each time and *poof* the system is worthless. You don't even have to change your MAC address. And since MAC addresses are only used at the Ethernet level, not at the [TCP|UDP]/IP level, it doesn't matter that the server thinks your MAC address is different than it is.

  10. MAC Adress and Cable Modems by bildstorm · · Score: 5, Informative

    They've been trying this crap for years with cable modems. Until I got a router, I used to use two different machines, each with the same MAC address installed. Worked out great. It's easy to change, too. It's also let me on at friends' offices, where access is MAC controlled. We log on a machine, write down the address, shut it down, boot mine up, change the address, and log on.

    Who does it stop? Honest people.

    Who won't it stop? The same people hacking their games in the first place.

    --
    The power of accurate observation is commonly called cynicism by those who have not got it. - G.B. Shaw
  11. ifconfig by Crewd · · Score: 4, Informative

    ifconfig eth0 hw ether aa:dd:rr:ee:ss

  12. Re:Shh... by phil+reed · · Score: 5, Informative
    we could have some major routing issues should people choose the same MAC addresses.

    Uh, no you won't. The only time MAC addresses make a difference is in ARP packets, and the only place MAC addresses make a difference is on your local LAN segment. The fact that two people in different cities have the same MAC address matters not a whit to the routers between them.

    --

    ...phil
    "For a list of the ways which technology has failed to improve our quality of life, press 3."
  13. Hah! Won't work for me! by Gambit+Thirty-Two · · Score: 4, Funny

    I keep a fresh supply of token ring cards handy to swap out if the need arrises.

    And im not joking:
    http://gambit32.org/albums/other/aag.jpg

  14. Maybe not such a bad thing.... by isa-kuruption · · Score: 5, Insightful
    "Install it or find another server to play on". Question remains, is it going too far?"

    No, it's not going too far. The game server admins can run the server however they choose fit. If you don't like the rules, don't use the server!

    Definitely not- unfortunately it won't work since MACs are changable.

    However, the majority of people don't know how to reset their MAC addresses. Also, as I believe to be true, some broadband providers specifically use MAC addresses to verify access. For instance, my Comcast cable modem does everything by MAC, so if I change my NIC in my machine, I need to power off/on the cable modem in order to get back through to the Internet. Although this is sort of a minor issue, some other ISPs may be more strict about MAC changes.

    Overall, the admins figure they will cut out 99% of the hacking attempts as people would just go elsewhere, or once they did cheat, just wouldn't know how to change their MAC.

    1. Re:Maybe not such a bad thing.... by kris · · Score: 5, Insightful

      However, the majority of people don't know how to reset their MAC addresses.

      Welcome to the digital age, where knowledge can be cristallized into programs, and where the majority of people will soon be able to reenable their access to the gaming server by running some magic program without ever knowing what a MAC address is.

      Kristian

  15. Modems by DJPenguin · · Score: 5, Funny

    What happens if you are logged in via dial-up? Will it ban the MAC address of the box at the ISP that you're dialed in to? :)

  16. NAT routers by MartinB · · Score: 5, Interesting

    NAT routers such as the Linksys range allow you to specify the MAC address from their web-based setup - ideal if your broadband provider insists on you registering (and limiting the number of) MAC addresses of all the machines going to connect.

    I wonder what they'll do when they discover several simultaneous connections to the server (and sessions) from the same MAC?

    --

    The only thing you can accurately describe as "Scotch" is a sticky tape made by 3M. And it's

  17. IPv6 == MAC address by Bookwyrm · · Score: 5, Insightful

    Does not the current IPv6 address allocation standard specify using your MAC address as the suffix portion of the IPv6 address? This is merely a taste of things to come if/when IPv6 becomes widely deployed, when your very IPv6 address can uniquely identify the hardware you are on (unless you use IPv6 NAT, of course.)

    And yes, presently, you can probably change the MAC address of your system. However, once software vendors and DRM technologies and other things start locking themselves to your computer hardware, I suspect changing the MAC address would cause problems. The only thing this game company has to do is when the game is installed is to lock the licence to the present MAC address so it will not run with a changed IP address without a new licence.

  18. ...it's really not that hard... by ph0rman · · Score: 5, Informative

    here's how to change it for nt/2000
    windows2000faq
    -advanced tab in adapter properties

    linux
    eepro100 list
    -ifconfig eth0 hwaddr ether 00:11:22:33:44:55

    this is exactly why microsoft's registration process uses a lot more than just the mac address.

  19. hmmm by awing0 · · Score: 5, Interesting

    Nope, MAC addresses won't work. You'd have to have a unique number that's hard coded into something expensive. The Pentium III's CPUID feature would work. However, as much as I hate cheaters in my favorite games, I don't like an ID number open to abuse.

    Quake III has recently enabled anti-cheat software called Punk Buster. It does a ban via your Quake III CD-Key, so you can't play on any Punk Buster enabled servers if you get banned. But with the game under $20 at BestBuy, I'm not sure if it will stop many of the problems.

    --
    Cthulhu Saves.
  20. Re:Shh... by phil+reed · · Score: 5, Informative
    I was referring to people on the same segment. Hardcore gamers in localities generally use the same provider to minimize latency issues. That is when the issue would crop up.

    But if you're on the same segment, then routing is not an issue.

    As noted, the answer is trivial: generate random MAC addresses. They are 6 bytes long - plenty of room for everyone to tumble the address every day and still not collide.

    --

    ...phil
    "For a list of the ways which technology has failed to improve our quality of life, press 3."
  21. NICs are sometimes shipped with duplicate MACs by KeithH · · Score: 5, Insightful

    When I was involved with the initial deployment of DSL service in Canada, our customer ran into an interesting problem: many of the low-cost NICs that they shipped with the DSL modem had the same MAC.

    Under most circumstances, this is seldom an issue since the NICs aren't likely to be deployed on the same network segment. However, when the MAC is used for other tracking services (in this case, a layer-2 NAT), you have a problem.

    And of course, as others have said, most NICs permit the factory MAC to be overridden.

  22. out of line! by mary_will_grow · · Score: 5, Funny

    >"...Question remains, is it going too far?" Definitely not-

    Thanks for answering that one for us. Without your moral framework we would be lost in the chaotic hell of self determination.

    --
    Why stick up for big business?
  23. Nothing new by quantax · · Score: 4, Insightful

    This has been going on for a while, though without MAC addresses, a much simpler system. Most multiplayer games thesedays come with a CD-Key thats authenticated by a central server whenever you play a game. The CDkey usually has a unique ID strapped to it that is publically accessible by admins or players. You ban the ID, they cannot connect to the game without changing their CDkey (which means either buying a new copy or finding another cdkey that works online, neither are 'easy'). If MAC addresses can be changed, then as soon as a couple of like-minded gamers find out about that, you can count on their being a guide on how to do it for gamers eventually. The best way handle this is on both a MAC, and CDkey-ID level. Ban their MAC, and ban their ID, that will stop all but the most determined/knowledgable.

    --
    "What can a thoughtful man hope for mankind on Earth, given the experience of the past million years? Nothing." -Bokonon
  24. What of windows? by moogla · · Score: 5, Informative

    Many ethernet drivers with this capability have an option for just this. For example, if you have a 3c918, click "configure" under network properties in win2k for that adapter. Select the "advanced" tab. On the left, you'll have an option called "network address" that's normally set to "Not Present". Change it to a specified value, and type in "DEADBEEFBABE" or whatever MAC address you want.

    Bingo.

    --
    Black holes are where the Matrix raised SIGFPE
    1. Re:What of windows? by tom.allender · · Score: 5, Funny

      If everyone uses DEADBEEFBABE that will create another problem...

  25. Cheaters aren't a problem in Multiplayer Action. by Qbertino · · Score: 5, Interesting

    It's solid code of honor amongst Clans not to cheat. Anybody as dedicated to playing online action games would render his pasttime pointless by cheating. And if anyone found out you've cheated your way into Ladder position you'd get an extremely hard time (on and offline).

    And when you're playing on a public server, cheaters are easyly identified by playing like crap and either scoring immediate kills once they actually *do* manage to hit or by simply not throwing the towel no matter how many times you flak them at point-blank. Both area mostly less than minor drags to a skilled player and have a somewhat funny aspect to it.

    I've seen entire matches in UT (1st) where cheaters we're just plain ignored because of the simply fact their skill level (not trained by playing under real conditions) rendered them something more like 'moving obstacles' rather than actuall participants.
    Anyhow, some one using more subtle cheats, such as see-through textures or so, can be anoying. Then on the other hand, if you're that good to know for shure that someone is using such a cheat, you'll be playing clan games most of the time anyway. And I haven't met a single Clan player cheating yet. At least none of mentionable Clans.

    BTW: I once had a cheater on my team in a pub UT CTF match. I switched sides and telefragged him 'til he gave up and disconnected. That was fun. :-)

    --
    We suffer more in our imagination than in reality. - Seneca
  26. My MAC is 00:00:00:37:33:73 by bartman · · Score: 5, Funny

    I wonder how many people will change theirs to same as mine...

    --
    -- bartman
  27. High road to the Locked Down Computer(tm) by Dr.+Spork · · Score: 5, Insightful
    I hope you're catching on to the dialectic here: this move will fail miserably. because NIC addresses are trivially easy to spoof. The next dialectical step: "We need some sort of unspoofable hardware key--maybe processor-based DRM." People will buy it if you can't play games without it. The end result will be a computer that protects you from yourself.

    Whether it's in the name of catching cheaters or catching terrorists, our freedom and autonomy are about to evaporate.

  28. Re:Shh... by Effugas · · Score: 5, Informative

    If there's one card on a network, and you add another, the question becomes "what are the odds that the two cards will pick the same number?" Since there's 48 bits of entropy(minus a small range for multicast addresses and broadcast), the odds are effectively 2^48.

    This is big.

    If there's many cards on a network, and you want to know how many total you can add before two of them will end up with the same card, the answer's far smaller -- 2^24, which is still pretty huge(it's a bit more than 16 million). It's a different problem because each time you add a new card, the card after has one more it can possibly match with. This is known as the birthday paradox, so named because this precise logic means that given 23 people in a room, there's a +50% chance that two people have the same birthday. Each new person is one more to match with.

    In reality, this is a moot point: MAC address prefixes are assigned by manufacturer, and the manufacturer serializes their cards such that no two shipped devices should ever have the same MAC address. Sometimes there are screwups, but they're pretty rare as far as I know.

    To debunk what a couple people are saying -- yes, MAC addresses as exposed to the network can be changed, but MAC addresses as detected by custom client software may be more tricky. Whatever the driver is exposing to the network, the card itself can't usually have its MAC address written over(i.e. once power is cycled, that card's returning to original shipped condition). I'm positive there are exceptions to this, but they're probably rare.

    Actually, this gives me an interesting idea. You can probably remotely fingerprint the age of a computer based on the MAC address of its ethernet card...and if IPV6's MAC->IP shove goes through, you'll be able to do that reasonably remotely!

    Yours Truly,

    Dan Kaminsky
    DoxPara Research
    http://www.doxpara.com

  29. Easy way to find out if you're cheating on dial-up by rcs1000 · · Score: 5, Funny

    Simple: if you are winning at Counter Strike despite a ping of 1,000+, then you must be cheating.

    I mean, duh...

    --
    --- My dad's political betting
  30. Re:Exposing myself. by jayayeem · · Score: 5, Funny

    It is a typo for "Tolkien Ring", a system in which the computer that holds the "One True Ring" becomes the most powerful machine on the network.

    --
    I metamoderate, therefore I am
  31. Anonymity and privacy by Tomster · · Score: 4, Insightful

    It seems people tend to confuse privacy with anonymity. Privacy means preventing others from getting information about you -- whether it's what kind of toothpaste you use or your SSN. Anonymity means preventing others from finding out who you are. The two are related, in that in practice they often go hand-in-hand. But they are distinct.

    -Thomas

  32. New way to remove honest players by Jeppe+Salvesen · · Score: 5, Funny

    Great. This is another way to get rid of those pesky, honest players and my enemies.

    I'll just assume their MAC address, misbehave like hell. Their MAC gets banned, and I get rid of the losers.

    Alone, I shall reign through spite and malice.

    --

    Stop the brainwash

  33. ifconfig man pages by bobKali · · Score: 5, Insightful

    Since the ifconfig man pages contain instructions on how to change MAC addresses and
    Since changing the MAC address would allow a cheater to circumvent access controls
    Then are the ifconfig man pages now illegal in the US under the DMCA?

  34. Re:Shh... by sfe_software · · Score: 4, Interesting

    Further, anybody who's smart enough to figure out how to change MAC addresses can also figure out that they can assign their own static IP address from the DHCP pool and the DHCP server will often allocate around it.

    Off-topic, but I used to do that when I had a cable modem. One day, however, I typo'd the ifconfig command on FreeBSD, and accidentally took over the router's IP (I mixed up my IP with the gateway IP). My phone promptly rang... they didn't much like that. Seems I took out service for the whole area, and they had to reset the router.

    Good thing this was before 9/11 and all the crazy computer crime laws...

    --
    NGWave - Fast Sound Editor for Windows
  35. Not just for gaming by chazzf · · Score: 5, Informative

    I work tech support at a small liberal arts college, and we require all students to register their machines within three weeks of getting on campus. We then lock their ports to their MAC addresses. If you need to move or change your card you can re-register, usually the change goes through in a day. We did it to make it easier to detect and limit email worms. If we see it coming from some specified port we close it off and the flag passes to the techs. So far it's worked pretty well, often we get people coming to us complaining that "their Internet doesn't work," usually it's because they got Klez and we shut their port off. Decent alarm system, really.

    --
    No statement is true, not even this one.
  36. Neverwinter Nights has a much better method by Sycraft-fu · · Score: 4, Interesting

    You can ban CD keys. Basically the only way around that is to buy a new copy of the game, which I doubt many people are willing to do.

    Teh CD keys are also an effective anti-piracy measrure, and one that isn't bothersome to legit users. When you are using the game for local play, the CD key doesn't matter, it's never checked. When you play on the Internet, however, the CD key is authenticated.

    When you first go to play multiplayer games, you client talks to the master server and lets it know what it's key is, the server chekcs and authenticates this against its list. Then, when you connect to a server the server checks your key, and asks the master if this is a legit key and if that key has authenticated. If not, the server refuses the connection.

    Hence, you can ban a CD key, and be very certian that the person it belongs to has been completely banned. Things like key generators aren't effective because while they can know the algortihm used to make legit keys, the keyspace is huge and they have no way of knowing which are actually legit and which aren't.

    So it ends up working out pretty nice for both parties. Bioware gets some copyprotection that there is actually a reason for srever owners to want to use.

  37. Howto change MAC in Win by Junky191 · · Score: 4, Informative

    Q. How can I change my media access control (MAC) address under Windows NT 4.0?

    A. Each network adapter card has a MAC address, which machines on local subnets use to talk to each other. MAC addresses are usually burned into the adapters during the manufacturing process. To overwrite a network adapter card's default MAC address, perform the following steps:
    1. Start the registry editor (e.g., regedit.exe).
    2. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\\Parameters.
    3. From the Edit menu, select New - String Value.
    4. Type a name of NetworkAddress, and press Enter.
    5. Double-click the new value, and enter the adapter's new MAC value.
    6. Click OK.
    7. Close the registry editor.
    8. Reboot the machine.

    This makes me very happy- One should be able to deliver their cutting remarks and wage psychiological warfare upon the weak with one liners like "Yeah thats what your mom did last night, cock jocky."

    That is the essence of multiplayer gaming, and any attempt to deprive us of that should be fought bitterly.