Is it possible to obtain a PC's network card MAC Address? If so how?
I wish to use this as a means of determining whether a sockets connection is allowable or not. Currently I'm using the PC network name, but this could be duplicated.

Originally posted by brandwooddixon
Is it possible to obtain a PC's network card MAC Address? If so how?
I wish to use this as a means of determining whether a sockets connection is allowable or not. Currently I'm using the PC network name, but this could be duplicated.

What U want to acive is not clear for me in details. Are U sure U need this really for your task?
ARP protocol is used for getting MAC address from IP. U can search for it in Net by request: ARP (or MAC to IP).

Let me explain. I have a system which allows client machines to connect to a server via socket connections. Data is then transferred between the client and the server. Currently when the client connects to the server it gives the server it's Computer Name, the server can then decide whether to allow the client to connect or not. As MAC addresses are unique I was thinking of using that instead. The client IP address will not necessarily remain constant between connections.
My alternative is to set a GUID within the client registry and pass that over. By using the MAC address I wouldn't need to produce different installation disks for each client unit, only make a note of the MAC and add it to the server/client authorisation table. Thus my original question of whether I can obtain a PC's MAC address at runtime, by software running on that PC.
If this is not possible and you can give me an idea of how to uniquely identify a PC, but in a way which does remain constant between connections then I would be grateful.

Originally posted by brandwooddixon
Let me explain. I have a system which allows client machines to connect to a server via socket connections. Data is then transferred between the client and the server. Currently when the client connects to the server it gives the server it's Computer Name, the server can then decide whether to allow the client to connect or not.


Where do U distribute this application?
As I've understood both server and client applications are witted by U/your organization. So server application provides some services for some client application, but only if it can pass some authorization process.
Do server and clent work in the same local area network or it is only optional?

What according to MAC-address, there are some ways but depends on OS of course.

Thats right. Both client and server code is written by myself. Sockets are used so that data transfer can take place over LAN or internet, otherwise I would have used named pipes. As it is they both run on Windows NT/2000, XP compatability not required yet due to other constraints.

So this is the problem of what type of authorization to choose. Before using of your program client need to be registered , which means to give you his MAC-address. Then it stores on the server side and after connection is
established client gives MAC (your client-side application gets it and then gives it to server-side) and if server has it in the MAC-table it allows to work, otherwise - no. Of course it is a possible scenario, nevertheless it hardly depends on computer netcard.

Here U can find how to get MAC-address:
http://tangentsoft.net/wskfaq/examples/getmac-snmp.html

You got it in one.
Thanks for your help I'll have a look at the link you gave.
If you don't think that this is the best way to go then what would you suggest instead?

Originally posted by brandwooddixon
If you don't think that this is the best way to go then what would you suggest instead?

Well, I haven't enough details about your project. What do server and client do?/What license do U want to provide for using?/...

I think U need to post a new message with subj like : "Ways to reject unlicensed program using" or smth like this, because current subj doesn't allow to get this problem.

No it's not to license the program only to determine whether the client to server connection is allowed.
The software is going to be issued with a runtime license anyway and can be used standalone, but extra functionality can be gained by use of the client to server connection. As this functionality is bandwidth and server intensive it is to be charged for. If the customer doesn't pay for their server usage then I want a way of preventing them from connecting - hence the authentication on socket connection.
It's much the same idea as ISP provision limiting you to the number of hours usage each month.

To find the MAC address of a local machine you could extract it from the registry. the key varies due to a different unique GUID bound to each TCP/IP adapter.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-xxxx-BFC1-080xxxxx0318}\0008 and REG_SZ value NetworkAddress contains the MAC address.

You could also redirect the APR -a command to a file and then parse the file for MAC addresses, these MAC addresses will be the actual MAC addresses of each Network Interface in the Subnet. The MAC address in the registry can be manually changed and therfore MAY not be the right one. the command to redirect is

ARP -a > MAClist.txt

Originally posted by shalomb

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-xxxx-BFC1-080xxxxx0318}\0008 and REG_SZ value NetworkAddress contains the MAC address.

Yep, as U have admited , it can be manually changed and as result - MAY not be the right one.


You could also redirect the APR -a command to a file and then parse the file for MAC addresses, these MAC addresses will be the actual MAC addresses of each Network Interface in the Subnet. the command to redirect is
ARP -a > MAClist.txt

Well, and if I know one of the MAC-addresses allowed on the server, who cans don't allow me to write the other program called ARP which returns the right MAC-address. Then I put it in directory with client application... and vuallla ... windows first searchs for a program without full path in the current directory (in difference to *NIX). Even though ... noone cann't allow me to change the original system ARP program to my one, if I have admin rights of course.
So this is the worse way from security reason so I suggest to get MAC with some sys calls (for ex. like above link describes it), but don't get it from registry or with help of some external program.
By this way it will be much more difficult to hack it, but of course possible too.