Can data sending machine be tracked?
Aman_saini
Member Posts: 62 ■■■□□□□□□□
in CCNA & CCENT
I was wondering if mac addresses are changed after passing through routers, switches etc any physical devices and IP addresses are never changed through to end in a IP packet and also we use NAT to hide internal network machines then is it possible to track down the real machine who sends the data(or we can say a hacking attack). I know the concept of port number but are they helpful in tracking down the real machine?
Comments
-
MAC_Addy Member Posts: 1,740 ■■■■□□□□□□Stop doing attacks on people while at work! :P i'm just kidding.
I think if there was a legitimate attack they'd track down the IP and then question the company it's coming from. The MAC addresses are changed when passing through routers as Source and Destination addresses. The packet needs to know how to get back to it's original destination.2017 Certification Goals:
CCNP R/S -
Forsaken_GA Member Posts: 4,024it actually is possible, though it often requires several people working together.
For example, a few years ago, starting on Christmas Day, there was a very large DDOS attack that began and affected quite a few providers, the company I was working for among them. It took a few days, but we tracked the source back to Time Warners network. It took a few network engineers sharing Netflow data with each other, and when we presented TWC with our findings, they disconnected the troublesome hosts. -
alxx Member Posts: 755Can be tracked but they can also be faked very easily at the machine/device.
What can't be faked is the amount of traffic and where it enters the network
For one project I worked on we tracked "visitors" by tracking their bluetooth and wifi mac addresses in their phones.Goals CCNA by dec 2013, CCNP by end of 2014