How to get the MAC address of an ANTENNA on my roof
in [Wireless Internet]
|
Prev: ===Christian Louboutin - www.vipchristianlouboutin.com
Next: NEWS: Hackers release carrier unlock for Apple's iPhone 4
From: John Navas on 4 Aug 2010 14:07 On Wed, 4 Aug 2010 17:48:28 +0000 (UTC), in <8cdb5e83744bc43dbf12a4a57f9ebee8(a)tioat.net>, Brent <beemdoubleu(a)Use-Author-Supplied-Address.invalid> wrote: >On Wed, 04 Aug 2010 08:49:30 -0700, John Navas wrote: >> Is the ISP filtering by MAC address? > >I don't know. What I do know is that my antenna receives the signal from >their access point. I can easily 'see' their access point from my PC with >netstumbler (or even Windows WZC) when I connect with WZC directly to their >access point, a login web page comes up. > >Note that there is no login web page when I connect to the RJ45 coming out >of the antenna/bridge that is on my roof. So the ISP is using some sort of authentication on its wireless Ethernet (client) bridge. If you want to directly replace that device, then you'll need the same authentication, and if the ISP won't give it to you, then you're probably out of luck. >> What are you trying to do? >I'm assuming if I emulate on the laptop the MAC address of the >antenna/bridge on the roof, then the laptop (I am hoping) can receive the >signals from the access point. Probably not without the authentication. >The advantages to me are: >a) It's interesting >b) I can be on the net far farther than my own router will broadcast >(Their access point signal is five bars all over my property while my own >router signal drops off drastically just fifty feet away from the house). Another option is your own *outdoor* wireless access point with a good antenna, which should have considerably more range than that. >> * If so, it should be able to connect if authorized by the ISP. > >My router DOES connect so I'm authorized by my ISP. I know you guys are a >suspicious bunch, but, I just want to see if I can find the MAC address of >the ethernet card in that antenna box on the roof using software. > >I directly asked the provider support guy who only gave me the last few >digits. Obviously they don't think I need to connect to their access point >directly (but they let me do that during my first month when I was having >problems so I KNOW it can be done. They asked me for my MAC address and >that allowed me to bypass the login screen they have when you connect to >the otherwise open access point). > >That's why I know it will work; if only I could emulate the MAC address of >the ethernet card in the antenna box. If the ISP is indeed authenticating just by MAC (which would be surprising since it's so easily spoofed), then all you need is to sniff the *wireless* MAC of the device (as Jeff described). -- John FAQ for Wireless Internet: <http://wireless.navas.us> FAQ for Wi-Fi: <http://wireless.navas.us/wiki/Wi-Fi> Wi-Fi How To: <http://wireless.navas.us/wiki/Wi-Fi_HowTo> Fixes to Wi-Fi Problems: <http://wireless.navas.us/wiki/Wi-Fi_Fixes>
From: Brent on 4 Aug 2010 17:38 On Wed, 04 Aug 2010 11:07:47 -0700, John Navas wrote: > On Wed, 4 Aug 2010 17:48:28 +0000 (UTC), in > <8cdb5e83744bc43dbf12a4a57f9ebee8(a)tioat.net>, Brent > <beemdoubleu(a)Use-Author-Supplied-Address.invalid> wrote: > >>On Wed, 04 Aug 2010 08:49:30 -0700, John Navas wrote: > >>> Is the ISP filtering by MAC address? >> >>I don't know. What I do know is that my antenna receives the signal from >>their access point. I can easily 'see' their access point from my PC with >>netstumbler (or even Windows WZC) when I connect with WZC directly to their >>access point, a login web page comes up. >> >>Note that there is no login web page when I connect to the RJ45 coming out >>of the antenna/bridge that is on my roof. > > So the ISP is using some sort of authentication on its wireless Ethernet > (client) bridge. If you want to directly replace that device, then > you'll need the same authentication, and if the ISP won't give it to > you, then you're probably out of luck. > >>> What are you trying to do? > >>I'm assuming if I emulate on the laptop the MAC address of the >>antenna/bridge on the roof, then the laptop (I am hoping) can receive the >>signals from the access point. > > Probably not without the authentication. > >>The advantages to me are: >>a) It's interesting >>b) I can be on the net far farther than my own router will broadcast >>(Their access point signal is five bars all over my property while my own >>router signal drops off drastically just fifty feet away from the house). > > Another option is your own *outdoor* wireless access point with a good > antenna, which should have considerably more range than that. > >>> * If so, it should be able to connect if authorized by the ISP. >> >>My router DOES connect so I'm authorized by my ISP. I know you guys are a >>suspicious bunch, but, I just want to see if I can find the MAC address of >>the ethernet card in that antenna box on the roof using software. >> >>I directly asked the provider support guy who only gave me the last few >>digits. Obviously they don't think I need to connect to their access point >>directly (but they let me do that during my first month when I was having >>problems so I KNOW it can be done. They asked me for my MAC address and >>that allowed me to bypass the login screen they have when you connect to >>the otherwise open access point). >> >>That's why I know it will work; if only I could emulate the MAC address of >>the ethernet card in the antenna box. > > If the ISP is indeed authenticating just by MAC (which would be > surprising since it's so easily spoofed), then all you need is to sniff > the *wireless* MAC of the device (as Jeff described). While I haven't seen Jeff's response yet, a friend here at work just suggested a perfect solution (if it works) in the cafeteria at lunch. He suggested I simply connect to the ethernet bridge on my roof via the http protocol. The steps he suggested are: a) Log into the router to find the gateway it is using (which he surmises is probably the IP address of the ethernet bridge/antenna on my roof). Let's assume that IP address is (for arguments sake): 1.2.3.4 b) Then remove the router and replace it with the laptop (perhaps with a crossover cable if needed). c) Connect now to the ethernet bridge/antenna using the http protocol: http://1.2.3.4 Once there, if the bridge/antenna will let me log in, then I can find the MAC address. Let's assume the MAC address is 00:00:00:00:00:01 d) Once I have the MAC address, disconnect everything (including the power supply to the antenna) e) Then change the MAC address on the laptop to 00:00:00:00:00:01 and see if that connects to the ISPs access point. It's worth trying but he suggested the biggest problem might be authentication on the ethernet bridge/router; although since that is owned by me, I should be able to reset it if it's possible to reset it to default values. I'll let you know if that approach works and I'll check out Jeff's response you alluded to. c) Replace my router on the ethernet bridge/antenna & place the laptop in its place connected by cat5 to the ethernet bridge/antenna.
From: Brent on 4 Aug 2010 17:42 On Wed, 04 Aug 2010 17:34:17 +0100, alexd wrote: >> The antenna has a line of sight connection to the ISP's antenna (but the >> ISP support guy won't tell me the MAC address, only the last 6 digits). > Ironic really, because that's the more unique part of the MAC address! I googled to find what you were talking about and I agree now that I understand the first half is the manufacturer and the second half is the unit. So it may be that I already know the entire MAC address ... once I figure out the manufacturer. I'll report back if I can find something identifiable about the manufacturer.
From: Brent on 4 Aug 2010 17:44 ooops. Sorry on that last reply for forgetting to delete most of the quoted text. My mistake.
From: Brent on 4 Aug 2010 18:12
On Wed, 04 Aug 2010 10:41:01 -0700, Jeff Liebermann wrote: > There are two MAC addresses up there. > They're usually one digit apart. Interesting. > I'll also assume it's a 2.4GHz Wi-Fi radio I think that's correct as connecting with the PC worked that first month. > the remaining 3 can be determined if you knew the manufacturer. > <http://www.coffer.com/mac_find/> > Since you can't open the box or pry the information out of your ISP Actually, I went back up there, and realized that I CAN open the cover which has a dozen or so screws holding it on. So I definately can open it up if I need to (I'm more worried about putting it back at the right angle if I have to, or falling off the roof; but if it comes to that, I'll correct what I remembered in that I CAN open it up). Also, since the ISP wants me to buy new $300 equipment (including installation), I suspect I can pry out of them the existing equipment brand name ... so that approach of finding the manufacturer might work. Still, software is sooooo much more interesting ... because it's learning to fish instead of getting handed the cooked fish. > Netstumbler should [sniff out traffic] if SSID broadcasting > is enabled. If you don't see anything, it's not. I don't understand that statement since Netstumbler doesn't show me "traffic" (AFAIK). What I see for the ISP's access point in Netstumbler is: - The MAC, SSID, channel, speed, vendor, type, SNR, etc. - The access points show up in the "Encryption Off" filter - The access points show up in the "ESS(AP)" filter. - Two of the three access points show up in the "Short Preamble" filter - The access points show up in the "Short Slot Time(11g)" filter That's all that I see in Network Stumbler. I don't see "traffic" (that's why I tried to install airsnare. I don't mind installing it again to see if I can get past the winpcap problem. > Wireshark on the eithernet side should also work. Plug a PC into the > wireless client bridge and sniff any packets coming or going. The MAC > address should be in there somewhere. Ah, THAT is the kind of pointer I was looking for! Wireshark! I'll install that and report back. I'll repeat a coworker suggested I simply query my router to see what IP address it thinks it's getting from the ISP ... then disconnect the router and put the laptop in its place with a crossover cable ... so the the laptop is now wired directly via cat5 to the ethernet bridge on the roof. Then to go to http://thatIPaddress to see if I can query the ethernet card on the roof for its MAC address. > I presume you have a wired router connected via ethernet to the > wireless client bridge. Check your "WAN" settings on your unspecified > model router. If DHCP, then just use a crossover cable to connect. If > static IP addresses, write them down, plug them into the network > properties on the PC. I'm not sure where to look for that information. It's a wired/wireless Linksys WRT54G router. The "Setup" page tells me that the router as a "DHCP Server" is "enabled"; the "Status" page gives me the "Default Gateway" (which I presume is the IP address of the Ethernet card on the roof. I'm not sure where to look for the information you specified but that's what I get hitting all the tabs that seems relevant to DHCP. BTW, your four steps are spot on the money; I'm working my way through each of them! I'll report back the results. Thanks for the pointers! I've plenty of research to do now but at least it's directed better. |