Hello, there are numerous of questions on the internet that go like this:

Q: Can a website identify or ban me by my MAC address?
A: No, of course websites can't see your computer MAC address (...mumbling something about an identifiable modem MAC address, while closing the topic)

In other words, could I sign up for an account which has a 1 account policy, after I once had an account there ages ago? While using the same modem, but a different IP address.
Asking for a friend of course.

Could someone please explain?

Originally Posted by tmybpv

Hello, there are numerous of questions on the internet that go like this:

Q: Can a website identify or ban me by my MAC address?
A: No, of course websites can't see your computer MAC address (...mumbling something about an identifiable modem MAC address, while closing the topic)

In other words, could I sign up for an account which has a 1 account policy, after I once had an account there ages ago? While using the same modem, but a different IP address.
Asking for a friend of course.

Could someone please explain?

As per the http(s) protocol, MAC address is not part of the request. So website won't know your machine MAC. And if the website is sniffing packets, then it should normally be able to find only the MAC of the last hop. But ofcourse, you never know the level of technologies these days.

Originally Posted by tianonymous

As per the http(s) protocol, MAC address is not part of the request. So website won't know your machine MAC. And if the website is sniffing packets, then it should normally be able to find only the MAC of the last hop. But ofcourse, you never know the level of technologies these days.

Thank you for your reply!
And sorry about this, but to me (someone who has zero knowledge about this topic) this sounds exactly like my example given.

Could you perhaps explain "machine" mac?

Would a general gazelle tracker/website be able to sniff/detect anything?

Originally Posted by tmybpv

Thank you for your reply!
And sorry about this, but to me (someone who has zero knowledge about this topic) this sounds exactly like my example given.

Could you perhaps explain "machine" mac?

Would a general gazelle tracker/website be able to sniff/detect anything?

If you are using a browser to access a website with an address (http://****) or (https://****), you are communicating over the http protocol. As per the protocol rules, the request will have your public IP, becasue the website needs to send a response. But it won't have your MAC. However, the website server system (OS) can analyze the network traffic directly (without it being the recipient of the message, but the messages going through it). When that happens, the MAC address of the last hop would probably be exposed to the server. If you are the last hop, then your MAC is exposed. However, that is usually not the case, and its usually some ISP router/switch which is the last hop.

Originally Posted by tianonymous

...and its usually some ISP router/switch which is the last hop.

Thanks again. Dumbed down I'm reading this as "Yes, occasionally websites will be able to identify my ISP Experia Box and I would have to replace it to be secure".

Originally Posted by tmybpv

Thanks again. Dumbed down I'm reading this as "Yes, (occasionally) websites will be able to uniquely identify my ISP Experia Box".

Ok, maybe let me put it this way. When you visit a website, you send a request to see the website and the website responds with the webpage. Now the request goes something like this.. From your computer -> your router -> your ISP router -> ... -> website server ISP router -> website router -> website computer -> website.

If you are using a router to connect to your ISP, your computer will probably have a local IP, but your router will have a public IP. This public IP will be sent all the way to the website, and will be used to get the response webpage from the website back to you. So the website will always know your public IP.

Now each hop in the chain above will have a different MAC. Maybe, now the last hop MAC makes sense.

Originally Posted by tianonymous

Ok, maybe let me put it this way. When you visit a website, you send a request to see the website and the website responds with the webpage. Now the request goes something like this.. From your computer -> your router -> your ISP router -> ... -> website server ISP router -> website router -> website computer -> website.

If you are using a router to connect to your ISP, your computer will probably have a local IP, but your router will have a public IP. This public IP will be sent all the way to the website, and will be used to get the response webpage from the website back to you. So the website will always know your public IP.

Now each hop in the chain above will have a different MAC. Maybe, now the last hop MAC makes sense.

So sorry about all of this (:
And thanks! I understand now it's somewhat impossible for my ISP Experia Box to be the latest "hop" and I should be secure.