What Is a MAC Address & Can It Be Used To Secure Your Home Network? [MakeUseOf Explains]
Pinterest Stumbleupon Whatsapp

what is a mac addressNetwork structure and management have their own lingo. Some of the terms thrown around will likely already sound familiar to you. Ethernet and Wi-Fi are largely self-obvious concepts, although it may require a little bit more effort to understand the intricacies of the different Wi-Fi standards Understanding the Most Common Wi-Fi Standards Understanding the Most Common Wi-Fi Standards Wi-Fi can be a bit confusing because there are a handful of different standards being used. Here's what you need to know. Read More .

Knowing the meaning of these terms, and grasping the underlying concepts will help you to get a better grip on your own home or office network. All those nuggets of knowledge are tools in your networking toolbox. You may already get the basic idea of a router, but understanding how a router functions How Does a Router Work? How Does a Router Work? Routers may seem complicated and beyond your understanding, but they're actually quite simple. Read More allows you use it not just in a way that works, but in a way that works best.

Other terms are less familiar than those above, but are still occasionally encountered. MAC addresses have to do with network interfaces, and MAC filtering with network security. Here, we’ll explain the meaning and relevance of both principles.

MAC Addresses

MAC addresses, or Media Access Control Addresses, are unique identifiers assigned to network adapters such as the PCI network card in your desktop, or the Wi-Fi card that’s embedded in your laptop. Its purpose is simple; being able to distinguish one network adapter or network interface controller from another, and through it, the different networked devices.

Since every network interface has its own MAC address, a computer with multiple network interface cards has just as many different MAC addresses. For example, when a computer is outfitted with a built-in Ethernet network adapter and a separate Wi-Fi USB stick, both have different (unique) MAC addresses.

Universally Administered Or Locally Administered

MAC addresses can be either universally administered or locally administered. A universally administered MAC address is given to the network interface by the manufacturer. Just like credit card numbers Credit Card Numbers Are Not Random: How To Read & Understand Them Yourself Credit Card Numbers Are Not Random: How To Read & Understand Them Yourself You may have heard before that credit card numbers follow a certain pattern and structure so that they can be validated before a transaction is accepted. However, it's one thing to know that the structure... Read More , these addresses are not completely random. They also include an identifier for the manufacturer. These MAC addresses are burned into the hardware, often stored in read-only memory.

what is a mac address

On the other hand, most modern network interface cards are also able to project a custom MAC address, allowing users to specify which MAC address to use (sometimes in driver configuration). This is necessary for virtual networking purposes, but also allows for spoofing as we’ll discuss near the end of the article. As the MAC addresses are not necessarily written in stone at the moment of manufacturing, we say these to be locally administered MAC addresses.

MAC-48, EUI-48 & EUI-64

There are three different ‘kinds’ of MAC addresses; MAC-48, EUI-48 and EUI-64. The appended number indicates the number of bits (see James’ explanation of binary What Is Binary? [Technology Explained] What Is Binary? [Technology Explained] Given that binary is so absolutely fundamental to the existence of computers, it seems odd that we’ve never tackled the topic before - so today I’d thought I’d give a brief overview of what binary... Read More ) used to denote the address. Obviously, more bits allow us to express more unique addresses. Technically, a 48-bit address space can contain 2 to the power of 48 different addresses. That are 281,474,976,710,656 addresses. The IEEE expects this reservoir of unique MAC addresses to last until at least the year 2100.

Similarly, a 64-bit address space contains 2 to the power of 64 different addresses. That’s a 20-digit number, in case you’re wondering. We’re not expecting to run out of those any time soon. EUI-64 is used in firewire and IPv6 network interface cards (see Danny’s article on IPv4 versus IPv6 IPv6 vs. IPv4 : Should You Care (Or Do Anything) As A User? [MakeUseOf Explains] IPv6 vs. IPv4 : Should You Care (Or Do Anything) As A User? [MakeUseOf Explains] More recently, there's been a lot of talk about switching to IPv6 and how it will bring a lot of benefits to the Internet. But, this "news" keeps repeating itself, as there's always an occasional... Read More ).

The difference between MAC-48 and EUI-48 is mostly formal, because they both use one and the same structure and notation (see below). However, MAC-48 is said to refer exclusively to networking hardware, whereas EUI-48 can also refer to non-networking hardware.

Structure & Notation

Universally administered MAC addresses follow a set structure. The first 3 bytes (or 24 bits) comprise the Organisationally Unique Identifier (or OUI), by which we can tell different manufacturers apart. The following bits are used to the discretion of the manufacturer to identify the Network Interface Controller (or NIC), as long as the addresses are unique. The Network Interface Controller identifier comprises 3 additional bytes (24 bits) in the case of MAC-48 and EUI-48, or 5 additional bytes (40 bits) in the case of EUI-64. One bit in the OUI indicates whether the MAC address is locally or universally administered. An overview of EUI-48 is shown in the image below, courtesy of Wikimedia Commons.

what is a mac address

When you encounter a MAC address, it is usually written in pairs of hexadecimal digits, delimited by hyphens or more frequently colons, e.g. fe-01-a6-23-cf-d1 or fe:01:a6:23:cf:d1. The only difference between EUI-48 and EUI-64 is that the latter contains two additional hexadecimal pairs. Check out Dave’s article about hex and hex editors What A Hex Editor Is & Why You Might Use It [Technology Explained] What A Hex Editor Is & Why You Might Use It [Technology Explained] Read More  for more information on hexadecimal notation.

MAC Filtering

MAC addresses are usually used the way you’d use an envelope; to address a specific element within a network structure. For example, routers can use MAC addresses to make sure network packages reach the correct computers. On the other hand, MAC Filtering is the practice of using MAC addresses to restrict network access to a subset of devices. You can do this by creating a whitelist of MAC addresses that are allowed access, or a blacklist of MAC addresses that are not allowed access. Whenever some device tries to connect to a network, we check the MAC address and compare it to our list.

Why It Doesn’t Usually Pay Off

The problem with MAC Filtering is that MAC addresses are broadcast in plain text. This means an intruder can just wait on the sidelines until a device starts communicating on the network. It then spoofs the MAC address contained in the sniffed network package and poses as a whitelisted client. In the end it hardly takes a hacker any longer to breach the security of your network. It doesn’t impact the difficulty of cracking your network How Easy Is It to Crack a Wi-Fi Network? How Easy Is It to Crack a Wi-Fi Network? Wi-Fi security is important. You don't want intruders piggybacking on your precious bandwidth -- or worse. There a few misconceptions regarding Wi-Fi security, and we're here to dispel them. Read More . Meanwhile, MAC Filtering can be an enormous chore to set up. Simply said, it’s not worth the effort. At all.

Did you learn something new today? Or maybe you have something to add on the subject? Chime in in the comments section below the article!

Image credit: jscreationzs / FreeDigitalPhotos.net

Enjoyed this article? Stay informed by joining our newsletter!

Enter your Email

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Mike Smith
    July 30, 2013 at 3:57 pm

    It might be useless at work but it's a god send at home. Was having a problem with the kids sharing network ID and password with friends so they could connect their phones when they were over.

    Now by using MAC filtering every device is registered (last count 16). Their friends laptops are also registered so they have to ask to use them (10 seconds to turn enable their device on the network). When they leave, their device is turned off.

    Also a great way of controlling video game use, and groundings.

    As long as they don't hack the router everything's good.

  2. FreshMacApps
    April 27, 2013 at 9:18 am

    Yeah, really well explained.

  3. RustyPolo
    March 21, 2013 at 8:21 am

    haha i still don't fully understand but very interesting

  4. Cliff Hosler
    February 26, 2013 at 12:27 am

    Thanks for a good article. Networking is something i need to study up on more.

  5. Juan Pedro Secondo
    February 25, 2013 at 7:47 pm

    OK, WPA2 and Mac filtering will be.

  6. Victor Ong
    February 25, 2013 at 5:59 pm

    Hm, so in essence, it IS possible to use the MAC address to block other devices for a period of time, as long as the "perpetrators" aren't very tech savvy.

  7. ion popa
    February 25, 2013 at 5:55 pm

    I find your article quite exhaustive. Thanks.

  8. Ashwin Ramesh
    February 25, 2013 at 4:43 pm

    Very well explained Simon!

  9. Daniel Joshua
    February 25, 2013 at 4:06 pm

    Setting up a MAC filter and using WPA2 is the best method for securing Home networks.
    It is pretty much secure that your neighbors can't use your WiFi without your knowledge so easily :)

    Nice article Simon

  10. Alexander Carstensen
    February 25, 2013 at 9:37 am

    Great explenation :)

  11. Muo TechGuy
    February 25, 2013 at 8:25 am

    Didn't look at the author, and was thoroughly expecting to come in here and correct it by saying MAC filtering is useless. As usual though, Simon delivers!

  12. Efi Dreyshner
    February 25, 2013 at 7:23 am

    Very useful for blocking strangers...

  13. Ray
    February 25, 2013 at 6:17 am

    MAC addresses aren't even unique. At work we learnt that the hard way, for our point of sale we use MAC addresses to uniquely identify a customers computer in our software (the customers asked for this) so that they can track who buys stuff from us for their business (in case a dodgy employee is stealing stuff).

    As we found out, several of our customers are using Telstra 3G USB dongles that all share the exact same MAC address...

    We've also found laptops that exhibit this problem too, as well as some desktops.

    • Nevzat Akkaya
      February 25, 2013 at 6:39 am

      MAC addresses might be changed too, there are some software that allow changing MAC addresses of NIC's.

    • Nevzat Akkaya
      February 25, 2013 at 6:39 am

      Nice article, as usual. Thanks.

  14. Rigoberto Garcia
    February 25, 2013 at 2:12 am

    Excellent explanation Simon...

  15. CD
    February 25, 2013 at 1:08 am

    I had MAC ID filtering enabled on my Wi-Fi access point. Recently disabled it as it was give my and the Mrs. smart phones trouble. WPA2 encryption will have to do.