> Anyone know of a way to grab a client machines mac address? Am looking for
> a way to do it with Cold Fusion, scripting, ActiveX, or Java. Any tips or
> suggestions would be greatly appreciated. Wanting to use the mac address
> for security verification.
>
From;
http://www.sans.org/newlook/resources/IDFAQ/mac_address.htm
<quote>
Can I use the MAC address of an Ethernet packet to trace an attacker?
If the attack originated from a system that has a direct connection to
your system with no gateway in between, then you can use the MAC address.
But, if a gateway is in the path, then the gateway replaces the MAC address
of the sender with its own address. As a result, you can trace the attack to
the gateway only. If the gateway has extensive logging enabled, you might
consider searching the log file for more information.
</quote>
>From the above and given that CAFS works at the OSI application level
and that MAC is below that level I would conclude that you are unlikely
to accomplish your goal. Gateways are going to be in the transit path of
most http sessions CFAS participates in and CFAS is not generically
capable of sniffing packets.
If a gateway is not a concern than I might suggest one of the Seller
tags as a possibility. You'll have to have a tool running that can
generate a file of packet data that CFAS can reference - with the caveat
that gateway translation will probably make the data unavailable.
That's all server side.
Client side;
http://www.cyberport.com/~tangent/programming/winsock/advanced.html
at question 4.7 there seems to be a decent overview of what you will
need to deal with via client side Java/Activex - if at all possible.
It still doesn't look possible, certainly it will not be a trivial
task. The SNMP API, NETBIOS API and RPC/OLE API discussed
are in the context of winsock - any solution developed from this
will have to be one of a set of solutions encompassing several
client OSs.
Looks like a good few months worth of research and a fascinating
(well, at least an educational) project.
Good luck - we'll all be awaiting the cfx tag from you. :)
Pan
p.s. on an intranet or vpn or extranet the effort will be
less as the parameters of the task *should* be under
your control - i.e. everyone same OS, same browser,
direct access to servers and routers, deliberate
non-inclusion of a gateway, etc.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
