Hacker News new | past | comments | ask | show | jobs | submit login

My Ubiquiti UniFi UDM is not good at device identification. It's kind of annoying because I have this big list of devices on the network and it's peppered with devices that I know don't exist. I'd appreciate it if it said something like "Maybe iPad Air", instead of just "iPad Pro 2nd Gen" when I know no such device is on my network.



ios devices (unsure about android) use random MACs on wireless networks by default.

https://support.apple.com/en-us/102509


The random MAC is generated only once per network, and re-used for every subsequent future connection to it, until the network settings are reset


The random MAC would still be within the vendor prefix though, and a MAC address won’t identity a specific device type anyway.

Edit: I’m wrong


No it isn’t, vendor prefixes are sort of an anachronism. Bit 41 - bit 1 of the first octet is reserved for local (random) use. That and the group bit (40) set to 0 means the second digit of the human readable MAC is 2, 6, A or E, but that’s it.


My bad, thanks for the correction! You still can’t identify a specific device type based on the MAC address though, right?


On the same WiFi network yes you can - it uses the same MAC on the same SSID. Remembers the "random" MAC after the first connection (and if you first connected to the networks before they added MAC randomisation in iOS14, it "remembers" the actual MAC of the device, so you didn't have compatability issues after the iOS14 upgrade).

So you can't use it to track devices between multiple SSIDs including when scanning for networks, but you can use it to persistently identify a device when connected to the same network.


You misread the question.


Yep, you're right. Agree with the other post - the randomly generated MACs have no manufacturer info.


Other than perhaps the manufacturer from the OUI, no.


There’s no manufacturer in a randomly generated local OUI.


Random aside for this, I believe this functionality existed for many years but actually hasn’t worked until recently. (Take this with a grain of salt)


I had to turn random MAC off, my google mesh could not handle it. Wifi on my samsung phone would only work for a couple of minutes.


Most personal devices now use randomized MACs so it's hard to ID them.

You can go via IP though, pull up your DHCP lease on your phone/laptop/whatever and match it to the same IP in Unifi, then manually name the device.


Do the UniFi products just try to use MAC addrs for this, or do passive/active TCP/IP fingerprinting?


I think it’s fingerprinting - if you look in the logs it gives you certainties of different devices that it thinks it might be


Just MAC registrations.


Occasionally it's fun to discover new devices.

"It thinks my WiFi dog feeder is a Technoelectrocom 56XR-2000? What the hell is (was) that?"


I found out that unifi plug in doorbell chimes use an esp32 this way because I saw one on my devices table, before it had booted fully and handshook as it's real Identity


Do you mean the non-PoE version? I have the PoE version sitting in a box somewhere and I'm a ESP32 enthusiast so I'm wondering if that's what I'll be doing today. Surely they're using it just as a WiFi coprocessor? Or...?


The non PoE one, the one that just plugs into a normal power outlet

My PoE one has only ever identified as what Ubiquiti thinks it is, so no idea


The traffic stats my UDM shows are complete fiction. The data it presents makes no sense.


You can fix this by setting fixed IPs. But yes Unifi is not great at this.


Cisco ISE thinks all iPhones are FreeBSD.


That’s because your profiling is not set up correctly


I didn't set it up. :)




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: