Wireshark-users: Re: [Wireshark-users] How to know which MAC address is the true client that conn
From: Yorian Wiltjer <zentinel17@xxxxxxxxx>
Date: Tue, 16 Nov 2010 14:35:41 +0100
2010/11/16 Chin Shi Hong <cshong87@xxxxxxxxx>:
>
>
> On Mon, Nov 15, 2010 at 9:01 PM, Yorian Wiltjer <zentinel17@xxxxxxxxx>
> wrote:
>>
>> Chin,
>>
>> A normal wireless access point bridges 802.3 (wired) to 802.11 (wireless).
>> Thanks to this bridge wireshark see both wiresless clients and wired
>> clients via the WAP.
>> I can think off two ways to get rid off the MAC's from wired cards.
>>
>> One unplug the WAP  from your wired network.
>>
>> OR
>>
>> Use a router.
>> With a router all your wired MAC will be hidden behind the MAC off the
>> router.
>> Just a simple router would do.
>>
>> Hope its helps,
>> Yorian
>>
>>
>> 2010/11/14 Chin Shi Hong <cshong87@xxxxxxxxx>:
>> >
>> >
>> > On Sun, Nov 14, 2010 at 3:24 AM, Stephen Fisher
>> > <steve@xxxxxxxxxxxxxxxxxx>
>> > wrote:
>> >>
>> >> On Sat, Nov 13, 2010 at 10:24:05PM +0800, Chin Shi Hong wrote:
>> >>
>> >> > are the real wireless client that connect to the wireless network
>> >> > AA:BB:CC:DD:EE:FF, or it may be only one of them are the real
>> >> > wireless
>> >> > client connect to the wireless network AA:BB:CC:DD:EE:FF. How can I
>> >> > know which one is the real wireless client connected to wireless
>> >> > network AA:BB:CC:DD:EE:FF?
>> >>
>> >> I don't understand your question; why would any of the addresses not be
>> >> real ones?
>> >>
>> >>
>> >> ___________________________________________________________________________
>> >> Sent via:    Wireshark-users mailing list
>> >> <wireshark-users@xxxxxxxxxxxxx>
>> >> Archives:    http://www.wireshark.org/lists/wireshark-users
>> >> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>> >>
>> >> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>> >
>> > My "real wireless client" mean the computer connected to the network
>> > using
>> > wireless, not through other method.
>> >
>> > This is because I had done some testings. I tested with 2 computers.
>> > First
>> > computer connected to my wireless router by using wireless network
>> > adapter,
>> > while the second computer connected to my wireless router using wired
>> > connection. I had noticed that the MAC Address of the wired network
>> > adapter
>> > in second computer (the one using wired) are recorded as well, either as
>> > source address or destination address.
>> >
>> > This make me very hard to program my application to detect which MAC
>> > address
>> > is the MAC address of the wireless network adapter, not the wired
>> > network
>> > adapter.
>> >
>> >
>> > ___________________________________________________________________________
>> > Sent via:    Wireshark-users mailing list
>> > <wireshark-users@xxxxxxxxxxxxx>
>> > Archives:    http://www.wireshark.org/lists/wireshark-users
>> > Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>> >
>> > mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>> >
>>
>> ___________________________________________________________________________
>> Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
>> Archives:    http://www.wireshark.org/lists/wireshark-users
>> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>>
>> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>
> I am using router, and wireshark still see the MAC address of wired
> computer.
>
> ___________________________________________________________________________
> Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>

How is your set up?

                    Internet
                         |
                         |
wired-------"Router"-------Wireless
network                            network

OR


wired--------switch----router---WAP---wireless network
network