-3

On Linux , How Can Find Mac of IP addreass of any user / computer that connected to server ? we use Centos + Iptables .

MadHatter
  • 79,770
  • 20
  • 184
  • 232
Pardis
  • 1
  • 4
  • 2
    In addition to the below answers you do realize that your server will never see the MAC addresses of devices that are not directly connected to it via the layer 2 network protocol you are using. That is, if there is a router/firewall between your server and clients you will only see the mac address of the router. – Zoredache Jan 07 '14 at 22:08

2 Answers2

2

Users don't have Mac addresses - only network cards have them.

Do you mean how do you find the mac address at the client? (ifconfig on Unix/Linux, ipconfig on MSWindows).

Or do you mean how do you see the client's Mac address at the server? (arp -a on Linux/Unix).

But you are aware that mac addresses don't cross routers? And that they are trivial to spoof?

Maybe if you explained what you were trying to achieve by knowing the Mac address this you might get a more appropriate answer.

symcbean
  • 21,009
  • 1
  • 31
  • 52
  • In Iptables log you can see Mac : Jan 5 03:20:09 server6 kernel: [2995373.263147] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=d8:9d:67:15:16:4c:00:d0:04:33:fc:00:08:00 SRC=178.211.32.165 .84 LEN=40 TOS=0x00 PREC=0x00 TTL=111 ID=256 DF PROTO=TCP SPT=12200 DPT=8008 WINDOW=8192 RES=0x00 SYN URGP=0 I need somtings this , tools or any . – Pardis Jan 07 '14 at 22:05
0

It is usually not possible for a person to get the MAC address of a computer from its IP address alone. These two addresses originate from different sources. Simply stated, a computer's own hardware configuration determines its MAC address while the configuration of the network it is connected to determines its IP address.

However, computers connected to the same TCP/IP local network can determine each other's MAC addresses. The technology called ARP - Address Resolution Protocol included with TCP/IP makes it possible. Using ARP, each computer maintains a list of both IP and MAC addresses for each device it has recently communicated with.

Most computers allow you to see the list of IP and MAC addresses that ARP has collected there. In Windows, Linux and other operating systems, the command line utility "arp" shows this information. Using "arp," you can in fact determine the MAC address of some computers from their IP address. ARP works only within the small group of computers on a local area network (LAN), though, not across the Internet. ARP is intended for use by system administrators and is not generally useful as a way to track down computers and people on the Internet.