Can a MAC address be traced?

Search First! Then browse: Categories | Full Archive | By Date | Newsletter

Summary: A MAC address can easily be traced for as far as it travels. The problem is a MAC address doesn't travel far enough to be useful.

I know that all computers have a unique MAC address. But how traceable are they? If my laptop gets stolen, and I know my MAC address, can I get back to it if the person stole it gets connected to internet, even after formatting the machine and thinking that it's safe to connect? Seems like this could stop laptop burglaries if that MAC address thing is traceable.

•

You're correct ... it could put a big dent in laptop burglaries if MAC addresses were traceable. Or it would at least increase the odds of stolen equipment being recovered.

But they're not. At least, not in any way that could help.

Let's look at why.

•

A MAC, for "Media Access Control" address is a unique number that's assigned to every ethernet network interface.

In theory, it's unique anyway. In theory, every network card or network interface should have its own unique MAC address that is different from every other network card on the planet.

There are two problems:

Occasionally, manufacturers don't ensure that they're unique, so multiple network interfaces can in fact have the same MAC address.
The MAC address can be set in software in many network interfaces, meaning that whatever the original MAC address, it can be overridden later.

So the uniqueness that we might want to rely ... can't be relied on.

"So the uniqueness that we might want to rely ... can't be relied on."

But that isn't really the biggest problem.

The MAC address is used by the network to identify which piece of hardware a packet of information is to be sent to. In other words, it's used only on connections from one piece of networking equipment to the next.

That means that when information leaves your computer it has your computer's MAC address, but when it arrives at your router that MAC address is removed. When the information is sent by your router further upstream to your ISP's router, it contains the MAC address of your router. When it moves from the ISPs router to another router on the internet, it contains the MAC address of the ISPs router.

And so on.

Your MAC address never makes it further than the first piece of networking equipment between you and the internet.

There are various alternative solutions that you might want to look into for stolen laptop recovery. While not all survive a reformat of the machine, many thieves actually try to connect a stolen laptop as-is in order to recover or steal the data thereon as well, at which point these tracing tools kick in.

And, of course, you'll want to make sure that the data on your laptop is secure no matter what.

Related:

How can I keep data on my laptop secure? Laptops are portable, convenient and easily lost. When lost all the data could easily be available to the finder. Encryption is the answer.
What's the difference between a Mac Address and an IP Address? MAC and IP addresses are both key components to network, but they serve different purposes, and are visible in very different ways.
What's the difference between a Mac Address and an IP Address? MAC and IP addresses are both key components to network, but they serve different purposes, and are visible in very different ways.

Article C3635 - January 24, 2009

Recent Comments

2 Comments

Great.I never imagined that this is the way things actually work out .Every time i visit your site i always learn something new.

Posted by: jyothish kumar at January 27, 2009 9:31 AM

What you can do is install a tool like dyndns or no-ip on your system. What they do is resolve the wan ip address of the system the software is installed on into a hostname. You can then log into your account and see the IP address last used when the software was running. This can aid law enforcement with the combination of the ISP used by the thief, to track him down. You can even run a tracert on the hostname and get a general idea where they are located by the routers the ping packets hop through.

All this is one of the many things software like Leo is talking about and law enforcement use to track down stolen computers. Chances are though, if it was a professional thief, they would have whipped the drives, software and all, making it virtually impossible.

A hostname will definitely log an IP Address the machine used to connect from so you at least get something if the machine was connected before being wiped.

Posted by: Chris at January 27, 2009 10:02 AM

Post a comment on "Can a MAC address be traced?":

Name: (Required) Email Address: (Required) (Email Address will not be published.) Remember Me? YesNo	By popular demand... my tip jar Buy Leo a Latte!
Comments: (you may use HTML tags for style)	Subscribe to the RSS Feed specifically for comments on this article.

Before commenting, please...

Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored.
Comment only on this article. Use the Google search box at the top of the page if you have a question about something else.
Don't include personal information in the comment. No email addresses. No phone numbers. No physical addresses.

Don't spam. Excessive links to unrelated sites within a comment or across multiple comments will cause all such comments to be removed.
Don't ask me to recover lost passwords or hacked accounts. I can't, and those comments will be deleted.
I can't respond to every comment. And I can't vouch for the accuracy of others who do.

Read Why didn't you answer my question? for hints on getting an answer.
By posting a comment you agree to the Terms of Service. Don't agree? Don't post.
Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored. Yes, I'm saying this twice; you'd be amazed.

Please wait. Your comment is being processed ...

Question? Ask Leo!

Terms, Conditions & Privacy
Product Reviews, Recommendations and Affiliate Links Disclosure