What's the difference between a Mac Address and an IP Address?

Search First! Then browse: Categories | Full Archive | By Date | Newsletter

Summary: MAC and IP addresses are both key components to network, but they serve different purposes, and are visible in very different ways.

What is the difference between a Mac Address and an IP Address? Are both traceable back to your computer? And can you hide them? If by hiding them is your computer safer from hackers. Also, are the free versions as good as the ones you buy?

Well, the last one is easy to answer: there's no concept of free versus paid IP or MAC addresses. As you'll see in a moment, IP addresses are assigned as part of connecting to a network, and MAC addresses are assigned at the time hardware is manufactured.

Even hiding a MAC or IP address is a concept that doesn't quite apply, but we'll get in to that too.

And whether MAC or IP addresses are hidden or not, if you connect to a network these are not the kind of things you should be spending your time worrying about to stay safe from hackers.

•

A MAC (or Machine Access Control) address is best thought of as a unique serial number assigned to every network interface on every device. And by unique, I do mean unique; no two network cards anywhere should have the same MAC address.

You can see your network interfaces MAC addresses using the command prompt in Windows XP using ipconfig /all:

Ethernet adapter Local Area Connection 2:
        .
        .
        Physical Address. . . . . . . . . : 00-1D-60-2F-4B-39

"So your MAC address doesn't make it out very far. And knowing it certainly doesn't help anyone do anything, good or bad."

Each network adapter on your computer will have one.

MAC addresses are typically used only to direct packets in the device-to-device portion of a network transaction. That means that your computer's MAC address will be in network packets only until the next device in the chain. If you have a router, then your machine's MAC address will go no further than that. Your router's MAC address will show up in packets sent further upstream, until that too is replaced by the MAC address of the next device - likely either your modem or your ISP's router.

So your MAC address doesn't make it out very far. Even if someone knows your MAC address, that knowledge certainly doesn't help anyone do anything either good or bad.

•

An IP address is assigned to every device on a network so that device can be located on the network. The internet is just a network after all, and every device connected to it has an IP address so that it can be located. The server that houses Ask Leo!, for example, is at 72.3.133.152. That number is used by the network routing equipment so that when you ask for a page from the site, that request is routed to the right server.

The computers or equipment you have connected to the internet are also assigned IP addresses. If you're directly connected, your computer will have an IP address that can be reached from anywhere on the internet. If you're behind a router, that router will have that internet-visible IP address, but it will then set up a private network that your computer is connected to, assigning IP addresses out of a private range that is not directly visible on the internet. All internet traffic must go through the router, and will appear on the internet to have come from that router.

•

Metaphors are always a tad difficult, but let's try this:

An IP Address is kind of like your postal address. Anyone who knows your postal address can send you a letter. That letter may travel a simple or complex route to get to you, but you don't care as long as it makes it.

The same is true of packets of data traveling on a network like the internet. The IP address indicates where a packet is destined, and the system takes care of getting it there. A letter may or may not also have a return address so you know who to write back to - a TCP/IP address always has a return IP address.

A router can perhaps be thought of as a company's mail room. You may send a letter to "Complaint Department, Some Big Company, Some Big Company's Address". The postal service will get that letter to the company. The company then notes that the letter needs to go to the complaint department, and routes it there using inter-office mail. And of course, all your outgoing mail is picked up by the inter-office mail courier and routed to the external postal service as needed.

When you're behind a router the same thing sort of happens - all of the packets destined for you are actually addressed to your router. It's the router that then determines which of your computers that packet might be meant for, and routes the packet appropriately.

In both cases - corporate mail room or networking router - the actual physical location of your office or the actual local IP address of your computer is not visible to the outside world.

A MAC Address is kind of like the color, size and shape of your physical mail box. It's enough that the postal carrier (your network router) can identify it, but it's unique to you, there's no reason that anyone other than your postal carrier might care what it is, and you can change it by getting a new mailbox (network card) at any time and slapping your name (IP address) on it without affecting your delivery.

As I said, it's not a perfect metaphor, but perhaps it'll help get some of the basic concepts across.

•

Finally, a word about staying safe from hackers.

MAC addresses aren't part of the discussion, simply because they never travel beyond your local network, and they can't be hidden as they're simply required for networking to work. Many network adapters allow you to override the MAC address, but even so it still identifies your computer on the local network.

IP addresses are also required for networking to work. The network has to know what computer to send data to. You can, in many cases, use things like anonymization services and the like to appear to be coming from a different IP address, but that doesn't change the fact that your machine is still reachable by some IP address.

Merely being connected to the internet, by whatever address you happen to use, requires that you take steps to stay safe. There's ultimately no way to completely "hide" your IP address without disconnecting from the network. What you should be doing are the classical steps to internet safety: get behind a router, keep your system up to date, run anti-malware scans, backup regularly and so on.

Since I know it'll come up, and as I've discussed over and over and over and over again, an IP address does not allow someone to find out your physical location or identity without law enforcement intervention. Similarly, you cannot find out someone else's physical location or identity without involving the authorities.

Related:

Do I need a firewall, and if so, what kind? Firewalls are a critical component of keeping your machine safe on the internet. There are two basic types, but which is right for you?
Internet Safety: How do I keep my computer safe on the internet? Internet Safety is difficult and yet critical. Here are the seven key steps to internet safety - steps to keep your computer safe on the internet.
How is my IP address assigned? Every device on an TCP/IP network must have a unique IP address. IP addresses are assigned, either automatically by DHCP, or by manual configuration.
Getting all worked up over IP tracing How far can people really get with an IP address?

Article C3456 - July 24, 2008

Recent Comments

11 Comments

Leo - one part of the original question asks about the difference between IP addresses you get 'for free' and those you buy. I think this is asking about the difference between a dynamic and a static IP address - most ISPs will give you a dynamic IP address as standard but will charge you for a fixed IP address; a dynamic IP address is fine if you just use email and the internet, but if, for example, you want to run your own web server, and host it yourself on your own computer, you need a static IP address.

Posted by: JohnE at July 30, 2008 2:49 AM

It gives a good picture about the IP and MAC addresses.
Does the MAC address also go along with the IP address as hidden-part of the Header Details of the Email to the receiving PC / Server ?

No. The mac address only travels as far as the next piece of networking equipment in the path. So it probably only goes as far as your router.

-Leo

Posted by: Chandra Sekaran K at August 3, 2008 3:39 AM

IP and MAC - Very nicely differentiated.
I have some doubts. Will the MAC address also go with the IP address as part of the Header details along with the Mail exchange ? Can the Mail be tracked back to the MAC no (ie., the Mail originating PC )?
What is the real purpose MAC Address ?

Posted by: Chandra Sekaran K at August 3, 2008 4:08 AM

Dear Sir Leo:

Hope you will fine and healthy. I'm so happy from your site and your information to take us and u solve our problems.
Sir i have Three quetions.
1. what is diffrent between Table and Query in Access programm?

2. What is different between routing protocols and routed protocols?

3. What is different between ISA server and Proxy server?

Posted by: rahman at August 3, 2008 10:51 PM

Very interesting in fact I understood your metaphor. Perhaps you can answer a question.
I'm installing a new machine, I'm connected to the internet but cannot open my browser (page cannot be displayed). Checking my IP address it appears as all letters.

Any help will be greatly appreciated

Uh, no. An IP address should never appear as all letters. (OK, an IPv4 address should never appear as all letters, the newer IPv6 is another matter, but not something you should be seeing anyway.) I'd have to know exactly how you're looking at your IP address to know what it is you're actually seeing.

-Leo

Posted by: Chuck at August 8, 2008 9:03 AM

Would love to know the answer to this above post as well.

A MAC address uniquely identifies every network interface. It travels no further than the next router or equivalent network interface. It does not appear in email headers as it makes no real sense to be there.
-Leo

Posted by: Dave at September 5, 2008 3:14 PM

Why would someone want the same mac address as me? I just found out through my Internet provider that some one else had the same mac address as me, which is why my internet wasn't working. How does that happen, and should I be concerned?

Posted by: Jason at October 13, 2008 12:18 PM

Dear Sir,

This is indeed a useful site.

Please advise me the followings:
Is it mandantory to get a MAC address (OUI/IAB),
even if, I used the ethernet device on a LAN only?

Thank you.

Regards,
Octavius

Posted by: Octavius at December 8, 2008 7:20 PM

Dear Leo
Can you connect Macs and PC's to the same server?
How?
Thanks,Jetrue

Posted by: Jetrue Hudson at January 15, 2009 2:42 PM

why cant we replace IP system by MAC system, bcoz MAC address is going to be unique as similar to IP Address instead of sending source IP address we can transmit Source MAC address, why cann't we do that? i am also not clear "MAC Adress travels no further than the next router or equivalent network interface" !!!!

Posted by: DINESH at April 28, 2009 11:44 PM

See all 11 comments...

Post a comment on "What's the difference between a Mac Address and an IP Address?":

Name: (Required) Email Address: (Required) (Email Address will not be published.) Remember Me? YesNo	By popular demand... my tip jar Buy Leo a Latte!
Comments: (you may use HTML tags for style)	Subscribe to the RSS Feed specifically for comments on this article.

Before commenting, please...

Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored.
Comment only on this article. Use the Google search box at the top of the page if you have a question about something else.
Don't include personal information in the comment. No email addresses. No phone numbers. No physical addresses.
Don't ask me to recover lost passwords or hacked accounts. I can't, and those comments will be deleted.

I can't respond to every comment. And I can't vouch for the accuracy of others who do.
Read Why didn't you answer my question? for hints on getting an answer.
By posting a comment you agree to the Terms of Service. Don't agree? Don't post.
Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored. Yes, I'm saying this twice; you'd be amazed.

Please wait. Your comment is being processed ...