This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Can I determine approximate date of manufacture based on MAC address?

charles_patters
New Contributor II

‎01-04-2019 12:28 PM

We found a few Ruckus AP's broadcasting similar names to my client's corporate SSID, but they may be on different floors of our building - that were leased to a different company many years ago.

They are not on my client's floors (weak signal only in one corner near a window) but due to the similarity in SSIDs have now gotten the attention of the security department. They may be on floors higher up  in the building- since my client used to own those floors.

We are curious if the detected MAC addresses could indicate the possible date of manufacture. That could at least indicate if this theory is possible- that they may have been installed years ago, never removed, and left powered.

Getting access to those floors for inspection is not possible yet, without major bureaucratic corporate decisions, hence trying to discern as much as possible with given information.

Sample addresses:
2C:5D:93:14:9E:AC
38:FF:36:17:6A:78
C0:8A:DE:A2:C8:C8

Thanks
Charles

13 REPLIES 13

mikhail_starozh
New Contributor III

‎01-05-2019 02:54 AM

Hi Charles.
All of the above addresses belong, according to the site macvendors.com, to Ruckus Wireless. You can write them a request, but IMHO will not help you, as the equipment could be stored for a long time before it was sold.
But could you tell me why your SSID's “similarity” worried you? Is it possible to use your wireless network without a password?!!
0 Kudos

charles_patters
New Contributor II
In response to mikhail_starozh

‎01-05-2019 06:43 AM

Hi, thanks for the reply.
The concern for the security director is mainly due diligence. It's a multi national company so they want to be sure of what is going on. He's looking to me to help explain why he should or shouldn't be worried.
They first were concerned that someone was trying to harvest login credentials by spoofing their own network. I don't think that is the case. Knowing if these were older units might help form a picture of what is going on.

Thanks
0 Kudos

jardel_almeida1
Contributor

‎01-05-2019 12:43 PM

Initially I would try to contact the IT manager responsible for the LAN / WLAN, and ask him to consult via cdp / lldp if the MACs are associated in some interface of the switch, and would request the blocking of these APs (since he has nothing or nobody associated.


PS: I believe that the date of manufacture is irrelevant, the ideal would be to identify the models, to know if it is dual band, to identify the IP address, if they are running behind controllers, or if they are stand-alone.

Thus, some action (removal / configuration) would be easier with respect to the SSID.
0 Kudos

charles_patters
New Contributor II

‎01-05-2019 02:05 PM

The current IT department only goes back 4 years and they do not (apparently) have any records from before that, as there were major changes then- including a full remodel of the building and all infrastructure- and giving up most of the building to other tenants.
Knowing the approx date of manufacture was just one avenue I was considering to see if the units may have been from that far back.
Thanks
0 Kudos
Copyright © 2024 Khoros, LLC