ethernet interface serial number leak risk?

Just curious, this serial number,
# lshw
description: Ethernet interface
logical name: eth0
serial: 00:11:e3:....
if known to outsiders, could pose some kind of security risk?

On Tue, 12 Jul 2005 02:22:14 +0800, Dan Jacobson <jidanni@jidanni.org> wrote:

> Just curious, this serial number,
> # lshw
> description: Ethernet interface
> logical name: eth0
> serial: 00:11:e3:....
> if known to outsiders, could pose some kind of security risk?

Just like your current IP number, computers talk to each other
with numeric addresses, unplug the network for a secure system :o))

--Grant.

Dan Jacobson wrote:
> Just curious, this serial number,
> # lshw
> description: Ethernet interface
> logical name: eth0
> serial: 00:11:e3:....
> if known to outsiders, could pose some kind of security risk?

Yes and no.

The "number" is your computer's address (at layer 2). If it wasnt
knowable, your machine couldnt communicate with others. Your question is
a little like asking "If I tell people my postal address, is that a
security risk".

Answer "yes" if you dont lock your front door and you have many enemies.

Answer "no" if your house is secure.

Chris

--
http://www.lowth.com/rope - Control of complex protocols (such as P2P)
using Linux, Iptables and the ROPE scripting
language.

Dan Jacobson wrote:
> Just curious, this serial number,
> # lshw
> description: Ethernet interface
> logical name: eth0
> serial: 00:11:e3:....
> if known to outsiders, could pose some kind of security risk?

That is funny. I have never seen a MAC address described as a serial
number before. Given its purpose, that's a simply horrible tag to put
on it. But then again, "MAC address" isn't particularly useful either.
Maybe it should be listed as "uid" for unique identifier.


--
Tony Lawrence
Unix/Linux/Mac OS X resources: http://aplawrence.com

In article <87r7e59p9l.fsf@jidanni.org>,
Dan Jacobson <jidanni@jidanni.org> wrote:
:Just curious, this serial number,
: # lshw
: description: Ethernet interface
: logical name: eth0
: serial: 00:11:e3:....
:if known to outsiders, could pose some kind of security risk?

Since that information is contained in the header of every packet you
send out on that interface, I'd have to say, "No."

Your concern is similar to one I heard a while back from someone who
considered it a horrible risk to tell a company the account number for
his checking account, but was perfectly willing to send that company an
actual check -- which of course has that information printed across the
bottom.

--
Bob Nichols AT comcast.net I am "rnichols42"

On Tue, 12 Jul 2005 15:54:19 +0000 (UTC), Robert Nichols wrote:
>
> Since mac information is contained in the header of every packet you
> send out on that interface, I'd have to say, "No."

Also, I thought the mac address was stripped at the first router/gateway.

Grant Coady wrote:

> On Tue, 12 Jul 2005 02:22:14 +0800, Dan Jacobson <jidanni@jidanni.org>
> wrote:
>
>> Just curious, this serial number,
>> # lshw
>> description: Ethernet interface
>> logical name: eth0
>> serial: 00:11:e3:....
>> if known to outsiders, could pose some kind of security risk?
>
> Just like your current IP number, computers talk to each other
> with numeric addresses, unplug the network for a secure system :o))

....and put your computer in a welded box with no openings. Network access
is one thing, but if someone can get physical access to your system, all
bets are off :) Precisely the reason data centres have cages to isolate
customers from each other.

James
--
Whatever doesn't succeed in two months and a half in California will
never succeed.
-- Rev. Henry Durant, founder of the University of California

In article <slrndd8067.d5j.BitTwister@wb.home.invalid>,
Bit Twister <BitTwister@mouse-potato.com> wrote:
:On Tue, 12 Jul 2005 15:54:19 +0000 (UTC), Robert Nichols wrote:
:>
:> Since mac information is contained in the header of every packet you
:> send out on that interface, I'd have to say, "No."
:
:Also, I thought the mac address was stripped at the first router/gateway.

True, but the MAC address is totally useless unless you're on the
same subnet. The point is that anyone who could make _use_ of the
MAC address, i.e. those who share your subnet, can see that address
in every packet you send out.

--
Bob Nichols AT comcast.net I am "rnichols42"

In the Usenet newsgroup comp.os.linux.security, in article
<87r7e59p9l.fsf@jidanni.org>, Dan Jacobson wrote:

>Just curious, this serial number,
> # lshw
> description: Ethernet interface
> logical name: eth0
> serial: 00:11:e3:....
>if known to outsiders, could pose some kind of security risk?

If someone finds your cell phone number, is that a security risk?

If someone finds your public key (GPG or PGP), is that a security risk?

How about if someone finds the serial number on the motor block of
your car (not the VIN - that number is often visible from outside
the car - by law).

Ethernet MAC addresses have been used as license keys for software for
some years. The frustration when the NIC fails, or when the computer
is replaced is another reason why /sbin/ifconfig has the 'hw' option,
and why that key is rarely used. For most hardware, the MAC address
is as useful for identification as the Host ID (see gethostid).

VERY few applications are even aware that the MAC address exists (it
doesn't if you have no NIC). Two old mail tools that I used years ago
on Suns used the MAC as part of the 'Message-ID' header for mail (see
RFC0822 section 4.6.1, and RFC2822 section 3.6.4). I vaguely recall a
news reader from long ago that did the same thing.

Bottom line: For non-police situations - this is a non-issue. For
police situations (criminal evidence), "there are other ways".

Old guy

>> description: Ethernet interface
>> logical name: eth0
>> serial: 00:11:e3:....
>>if known to outsiders, could pose some kind of security risk?
>
>
> If someone finds your cell phone number, is that a security risk?

I would say a DOS risk. The someone could report the phone stolen and
have the provider switch it off, or hammer it with text messages until
it's memory is full, thereby preventing it from receiving legit messages ;-)

J.