-2

I know that Tor is used for anonymity while browsing in the Internet. I heard that by using Tor, it is possible to hide my IP. But is it possible to hide my MAC address also?

TildalWave
  • 10,801
  • 11
  • 45
  • 84
Anandu M Das
  • 1,981
  • 14
  • 31
  • 46
  • 7
    It would help if you understood the TCP/IP or the OSI networking model. You would answer your own question. The MAC address is only seen by the next hop in the path. Most probably the router. – user1720897 Sep 12 '14 at 13:55

3 Answers3

6

The MAC address is only visible on your local network. You don't need to hide it.

With Tor or without Tor, as soon as the packet reaches your default gateway, that computer sitting between you and the next network segment, your MAC cannot be seen anymore.

But if someone tries very hard to trace you, a special crafted website can get your MAC by exploiting your browser, executing some commands on your computer and get all kinds of information from the computer.

But this does not have anything to do with Tor nor no-Tor nor MAC address.

If you want to add another layer of security, try using Whonix Linux. It's a two-server solution running on virtual machines: the gateway and the workstation. The gateway connects to Tor, and creates a local network routing everything over Tor. The workstation only have access to the gateway, so even if someone exploits the workstation, he will see a local IP address, a virtual MAC, a virtual HDD, and no information on your physical hardware.

ThoriumBR
  • 50,648
  • 13
  • 127
  • 142
3

TLDR; It's possible to mask your MAC address, but it's still broadcast in plain text to anyone local to your network

It's not really possible to "hide" a MAC address. The MAC address is used to determine where to deliver the actual packets, if you remove it from the packet, the router has no way of knowing where to deliver the packet.

Think of it like a paper letter. If you remove or "hide" the address, how does the postman know where to deliver the letter?

Similarly, it's not really possible to hide an IP address. The way tor accomplishes this is to forward the request and reply through several layers of encrypted communications. The gamble is that any attacker won't control enough tor relays to be able to decrypt the entire message. If you, as an attacker, controlled the whole tor network, you would be able to read any message passed between relays.

The same concept will protect your MAC address from anyone on the Tor network, or the website administrator. It will not protect you from anyone on your local network.

Actually even without tor, your MAC address will not be leaked beyond your local network. Your local router will perform NAT on any requests which will have the effect of not leaking your MAC address to the greater internet. In TCP/IP, the MAC continually changes as it is rewritten by every hop it goes through.

Chris Murray
  • 1,275
  • 11
  • 17
  • But it depends how you define the "hide". For example you can easly change your mac address. (Thats how you could for example bypass the mac filtering.) And you can use proxy or the tor system to "change"/"hide" your IP with a fake one. Yes you need these addresses in the packets, but you can modify them a bit. – Gerifield Sep 12 '14 at 08:48
  • @Gerifield, yes, I address this within my post. Tor will mask the IP/MAC address from the final destination, but it'll still be broadcast in plaintext to the first relay. – Chris Murray Sep 12 '14 at 09:07
  • @ChrisMurray - which is what most people mean by "hide". So it's a bit misleading to start off saying "it's not possible..." – paj28 Sep 12 '14 at 12:47
  • 2
    The final destination will never see the MAC address of the originating computer, even without Tor or any effort what-so-ever by the user to "hide" the MAC address. None the less, it's not possible to hide the MAC address from a user on a local network (technically, before the first hop, wherever that is). – Chris Murray Sep 12 '14 at 12:58
  • 1
    @paj28, I've edited my answer to be a bit clearer – Chris Murray Sep 12 '14 at 13:12
  • Even without NAT, MAC addresses do not leave the link. As soon as the packet changes subnet, the MAC address is not available anymore. – user2313067 Sep 12 '14 at 16:09
-2

It is not impossible. Theoretically it should not, but in practice it can:

http://samy.pl/mapxss/

3. The XSS obtains the MAC address of the router via AJAX.
4. The MAC address is then sent to the malicious person. In the test case below, it's sent to me (not that I'm malicious!)

this works with the Verizon FiOS routers, but it may be possible to find ways to do it with other routers.

Badr Elmers
  • 149
  • 9
  • -1 This person is asking whether or not it's possible when using Tor. Tor browser blocks local connections, so this attack would not work. – forest Dec 18 '17 at 01:08