This is part of a series of Networking Plus tutorials previously published on the network site.
Click here to view the list and buy the Book + Network Guide to Networks.

Wireshark is a free network open source analytics tool that helps network experts identify network messaging and implement an OSI-based model. Most packets sent over a network have the recipient’s MAC address, the sender, or both.

 When you collect network data with Wireshark based on the default settings, it also collects information about the network card manufacturer, allowing you to obtain information about each device.

 When you download and run the tool above you will see an image like the one below.

In the figure above, just click on your Active Connection (WiFi or Wired) in the above image to see MacAddress.

 Clicking on this will bring up a window that shows the activities done on the network.

 The middle panel of this window shows information about the status of communications and the protocols used. In this panel, if you double-click on the Ethernet II option to open it, Wireshark will show your Mac adresses the network card in front of the Source field as shown below.

Occasionally, you have to work with physical addresses provided by an output command or access information beyond what Wireshark offers.

 In such cases, it is advisable to use online MAC address tables similar to Wireshark’s OUI Lookup Tool.

1. You can see in the figure above that the MAC address is specified in the source field. The first three bytes of this address, c8: f7: 33, specify the device’s OUI. If you go to wireshark.org/tools/oui-lookup, enter these values ​​into the OUI search field, and click the Find button, the Wireshark OUI Lookup tool will give you some interesting information.

Access Macadress information via command line

2. To view Macadress information via the command line, open the Command Prompt window

and enter the ipconfig / all command to identify the physical address of the network card.

3. To select and copy the required information to the clipboard, first press Ctrl + M to enable markup,

then select the first three bytes of the physical address of the active network connection

with the mouse and press Ctrl + C. (In the Command Prompt window, copy the first three bytes of MacAddress.)

4. Navigate to the Wireshark website search field (as you mentioned in the previous paragraph) and press Ctrl + V to place the information into the Wireshark Lookup Tool field, then click Find. What company is your network card manufacturer?