R
retyop
1) For most people, their connection is to a defined IP range owned by
a single ISP provider, who probably gives its users the modem to use,
and thus, these modems are all probably of a certain make, and all have
the same first 3 hexadecimal numbers. Thus, since all users in that IP
range would share identical hex values in the first 3 digits of their
MAC address, if you randomized your entire MAC address, you would stand
out as the user with a different beginning MAC address than the rest.
It would be better, for the sake of anonimity, to keep the original
first 3 numbers and randomize only the last 3. Am I correct?
2) Using a sniffer, I can see that random packages sent to my IP
address by all those bots and whatever that are out there, already know
my MAC address without any communication from my part. This happens
even when I start my internet connection and I have been online for
only half a second, the first random bit of internet noise that hits me
already knows my MAC address despite my not communicating with anyone
besides my ISP to establish the connection. How does this work? Is my
modem changing the MAC on incoming packets? Or my ISP?
3) If I open my ISP monitoring window it shows me sent/received bytes
to the internet. By carefully following this flow with the sniffer, I
realized that there is a discrepancy, and that almost every packet
sent/received, according to the sniffer, is 20 bytes longer than
according to the ISP window. Any reason why (and which) 20 bytes would
be underreported from every packet (almost every packet)? The ECHO
packet behaves differently: my ISP window shows a flow of about 20
bytes per packet, while the sniffer program reports 50 to 60 bytes
(don't remember the exact number).
4) Is there a website that will show you a print out of the packet you
send it, the same way there are web sites that show you the details of
your web request (such as IP address, what IE you're using, etc.)?
a single ISP provider, who probably gives its users the modem to use,
and thus, these modems are all probably of a certain make, and all have
the same first 3 hexadecimal numbers. Thus, since all users in that IP
range would share identical hex values in the first 3 digits of their
MAC address, if you randomized your entire MAC address, you would stand
out as the user with a different beginning MAC address than the rest.
It would be better, for the sake of anonimity, to keep the original
first 3 numbers and randomize only the last 3. Am I correct?
2) Using a sniffer, I can see that random packages sent to my IP
address by all those bots and whatever that are out there, already know
my MAC address without any communication from my part. This happens
even when I start my internet connection and I have been online for
only half a second, the first random bit of internet noise that hits me
already knows my MAC address despite my not communicating with anyone
besides my ISP to establish the connection. How does this work? Is my
modem changing the MAC on incoming packets? Or my ISP?
3) If I open my ISP monitoring window it shows me sent/received bytes
to the internet. By carefully following this flow with the sniffer, I
realized that there is a discrepancy, and that almost every packet
sent/received, according to the sniffer, is 20 bytes longer than
according to the ISP window. Any reason why (and which) 20 bytes would
be underreported from every packet (almost every packet)? The ECHO
packet behaves differently: my ISP window shows a flow of about 20
bytes per packet, while the sniffer program reports 50 to 60 bytes
(don't remember the exact number).
4) Is there a website that will show you a print out of the packet you
send it, the same way there are web sites that show you the details of
your web request (such as IP address, what IE you're using, etc.)?