Page 1 of 1
MAC address (or something similar)
Posted: Tue Oct 03, 2006 12:41 pm
by Flamie
Is there any way to be able to log a specific computer from something that doesnt change?
ip changes (or proxys hide them)
Getting the MAC adress would be ideal, I'm not sure if its possible tho.
What do you suggest?
Posted: Tue Oct 03, 2006 1:03 pm
by miro_igov
You can't read the mac, but you can set a tracking cookie with unique info and you can read it later and assign with previous IP addresses used.
This is not so accurate because the user could delete the cookie.
Posted: Tue Oct 03, 2006 1:11 pm
by Flamie
yeah thats what I'm currently using. But as you said, anyone with a little knowledge will figure it out and just clear cookies.
Posted: Tue Oct 03, 2006 1:25 pm
by Luke
but definately more accurate than IP
Posted: Tue Oct 03, 2006 2:55 pm
by bokehman
Why do so many people want this? Don't they realise the web is supposed to be an annonomous medium unless the client allows otherwise?
Posted: Tue Oct 03, 2006 3:00 pm
by volka
I'm sure they all have nothing but good intentions in mind

Posted: Tue Oct 03, 2006 3:56 pm
by Chris Corbyn
MAC addresses can be changed easily anyway. timvw wrote a fingerprinting class or something in code snippets I think. Still not foolproof though.
Posted: Tue Oct 03, 2006 5:11 pm
by Todd_Z
I didn't realize how easy it was to change your mac address on a linux box until just now, couldn't you just hijack all of someone network data by changing your macaddress to theirs? Seems to easy to be true, but...
Posted: Tue Oct 03, 2006 6:44 pm
by waradmin
Many people want mac addresses to for example avoid multiple registrations on websites, etc. By storing the mac address, the user would need to use a different machine for each account (unless they knew about changing mac's)
-Steve
Posted: Tue Oct 03, 2006 7:11 pm
by brendandonhue
Todd_Z wrote:I didn't realize how easy it was to change your mac address on a linux box until just now, couldn't you just hijack all of someone network data by changing your macaddress to theirs? Seems to easy to be true, but...
Luckily no, spoofing someone's MAC address isn't much of a problem except on things like wireless networks that use MAC filtering to identify users, etc.
Posted: Tue Oct 03, 2006 9:08 pm
by waradmin
brendandonhue wrote:
Luckily no, spoofing someone's MAC address isn't much of a problem except on things like wireless networks that use MAC filtering to identify users, etc.
Only if the wireless network does not tie the MAC to the system name. I know some wireless networks tie the mac address to the system name to avoid mac spoofing.
Sorry, off topic but none the less, a bit on topic.
Posted: Wed Oct 04, 2006 2:03 pm
by pickle
bokehman wrote:Why do so many people want this? Don't they realise the web is supposed to be an annonomous medium unless the client allows otherwise?
If this is an internal network, it's officially an
intranet not an internet - original intentions get thrown out the window.
As has been said, there's no way to get the MAC address of someone. However, if you're running this script on the same box as the one handing out IPs, you can parse the dhcp.leases file to get the MAC.