Obtaining MAC address - asp-classic

According to Obtain client MAC address in ASP.NET Application, it is not possible. I am not entirely convinced because whenever I connect to Tim Hortons WiFi, my MAC address is known.
Occasionally, the network is slow and I see a URL like this before being redirected to the Connect page:
http://timhortonswifi.com/cp/tdl3/index.asp
?cmd=login
&switchip=172.30.129.73
&mac=60:6c:66:17:1a:83
&ip=10.40.66.229
&essid=Tim%20Hortons%20WiFi
&apname=TDL-ON-NEP-02177-WAP1
&apgroup=02177
&url=http%3A%2F%2Fweather%2Egc%2Eca%2Fcity%2Fpages%2Fon-72_metric_e%2Ehtml
So according to this URL, the site knows the IP address of the router, my MAC address, the IP address assigned to my device by the router, the network SSID, some other pieces of information, and the URL I was trying to access prior to connecting.
There are two options: Tim Hortons WiFi Basic and Tim Hortons WiFi Plus, where the "Plus" option allows me to connect to any Tim Hortons WiFi access point in Canada automatically with this device. Registration requires an email address, so I'm assuming this is possible by checking the MAC address and storing it in a database that routers ping upon connection. More info here.
According to the extension of this page, I can safely assume it is ASP. How are they obtaining this information?

When your client traffic reaches the first router, that router will route the traffic to the adequate port, changing the response MAC address with its own MAC address so the answer will be routed to it. And this will happen for each of the routers the packets travel by. So, at the end, the web server will only see the MAC address of the last router where the answer will be sent to be routed back to the previous router, and this process is repeated until the answer reaches the client.
No, there is no way to obtain the MAC address of the client from the server side.
But what you are seeing is a client sending its information to a server. So, the question can be converted into "how can I obtain my local MAC address and send it to the server?".
Browsers do not allow reading this information. Some properly signed/configured ActiveX controls or Java applets can do it, but they can be blocked, or you can have some device that will not execute Java or ActiveX, so it is not a reliable way of doing it.
In the case in your post, the easiest way of doing it is configuring the WiFi access point's DHCP or DNS server to serve a proxy configuration file that allows configuring a redirection to the desired web server, a redirection that has been created inside the access point, which has all the information shown in your post.

Related

What happens when my browser does a search? (ARP,DNS,TCP specifics)

I'm trying to learn the basics of ARP/TCP/HTTP (in sort of a scatter-shot way).
As an example, what happens when I go to google.com and do a search?
My understanding so far:
For my machine to communicate with others (the gateway in this case),
it may need to do an ARP Broadcast (if it doesn't already have the
MAC address in the ARP cache)
It then needs to resolve google.com's IP address. It does this by
contacting the DNS server. (I'm not completely sure how it knows
where the DNS server is? Or is it the gateway that knows?)
This involves communication through the TCP protocol since HTTP is
built on it (TCP handshake: SYN, SYN/ACK, ACK, then requests for
content, then RST, RST/ACK, ACK)
To actually load a webpage, the browser gets the index.html, parses
it, then sends more requests based on what it needs? (images,etc)
And finally, to do the actual google search, I don't understand how
the browser knows to communicate "I typed something in the search box
and hit Enter".
Does this seem about right? / Did I get anything wrong or leave out anything crucial?
Firstly try to understand that your home router is two devices: a switch and a router.
Focus on these facts:
The switch connects all the devices in your LAN together (including the router).
The router merely connects your switch (LAN) with the ISP (WAN).
Your LAN is essentially an Ethernet network which works with MAC addresses.
For my machine to communicate with others (the gateway in this case),
it may need to do an ARP Broadcast (if it doesn't already have the MAC
address in the ARP cache)
Correct.
When you want to send a file from your desktop to your laptop, you do not want to go through the router. You want to go through the switch, as that is faster (lower layer). However, you only know the IP of the laptop in your network. For that reason you need to get its MAC address. That's where ARP kicks in.
In this case you would broadcast the ARP request in the LAN until someone responds to you. This could be the router or any other device connected to the switch.
It then needs to resolve google.com's IP address. It does this by
contacting the DNS server. (I'm not completely sure how it knows where
the DNS server is? Or is it the gateway that knows?)
If you use DHCP, then that has already provided you with the IP of the DNS server. If not, then it means that you manually provided the IP of the DNS. So the IP of the DNS server is stored locally on your computer.
Making a DNS request is just about putting its IP in the packet with the request and forwarding the packet to the network.
Sidenote: DHCP also provides the IP address of the router.
This involves communication through the TCP protocol since HTTP is
built on it (TCP handshake: SYN, SYN/ACK, ACK, then requests for
content, then RST, RST/ACK, ACK)
Yes. To clarify things: When your computer sends the request
FRAME[IP[TCP[GET www.google.com]]]
The frame is sent to your LAN's switch, which forwards it to the MAC of the router. Your router will open the frame to check the destination IP and route it accordingly (in this case to the WAN). Finally, when the frame arrives at the server, the server will open the TCP segment and read the payload, which is the HTTP message. The ACK/SYN etc. messages are processed just by your computer and the server and not by any router or switch.
To actually load a webpage, the browser gets the index.html, parses
it, then sends more requests based on what it needs? (images,etc)
Yes. An HTML file is essentially a tree structure which can have embedded resources like images, javafiles, CSS etc. For each such resource a new request has to be sent.
Once your browser gets all these resources, it will render the webpage.
And finally, to do the actual google search, I don't understand how
the browser knows to communicate "I typed something in the search box
and hit Enter".
When you type a single character, it is being sent to the server. The server then responds with its suggestions. Easy as that.
References(good reads):
http://www.tcpipguide.com/free/t_TheNeedForAddressResolution.htm
http://www.howtogeek.com/99001/htg-explains-routers-and-switches/
http://www.eventhelix.com/realtimemantra/networking/ip_routing.htm#.UsrYAvim3yO
http://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol

Networking Dilemma IP stack(Microcontrollers)

I have basically used the Ethernet connection successfully with microcontrollers to control real-world aspects. The dilemma is about the IP address: I mean, how can 192.168.0.155 be accessed from around the world without any specific MAC ID attached to it? I wanted to implement the same networking usage with a GSM module, eliminating wires, but that doesn't have MAC addressing, so a TCP connection from it towards an IP client won't reach?
I am not sure how you did your 'real world control' with Ethernet before, but the MAC address does not 'live' past the next recipient (which means after the next switch) so do not use it for anything.
Your 192.168.x.x address is private, so it will never appear beyond your internet gateway (i.e. your GSM modem if you used GPRS), and it cannot be used directly for anything on the internet. It is not easy to briefly explain here how internet routing works, but you should either use port forwarding towards the private IP address given to you by your DHCP server (in which case you have to initiate the request from the client so that the other side would know the IP address and the port), or you have to have a fixed public IP address, or you could use some dynamic DNS service (like http://www.noip.com/), or you can update data from the client on some server over which you have control (like if you updated data manually from your PC).
All summed up, it is not very clear what you are trying to achieve, but I would say you need to check out some things about internet routing before you proceed.

Can I track activities if I know the IP?

Say I have the IP of a user, x.x.x.x. Using the IP, can I track all the activities that the user is doing? How can I do this?
How can I check which web pages the user is opening, or something similar?
Please guide.
No, you cannot. Traffic is point-to-point and knowing the address of a point is not enough to know the traffic going to/from that point. It's like asking if you can read someone's (snail) mail just because you know their house address.
In order to "snoop" that fully, you need to be in the middle where all traffic passes through your node (like having the postman give you the mail and then you giving it to the owner of the house).
If you have a machine that the traffic from the user is reaching (e.g. you're connected to the same switch), then probably yes. The most trivial way is using a network sniffer (Wireshark for Windows, tcpdump for Linux).
However, if the user surfs an SSL-secured site (a.k.a. https), then you will see only encrypted content.
Geolocation is not accurate because the primary source for IP address data is the Regional Internet Registries. They do not hold a database of information about individual IP addresses, but information about ranges of IP addresses that have been assigned to certain organizations. Such an organization has free rein over the IP addresses it gets and does not need to give location information to the RIRs. In other words, only your ISP knows your exact location. If you want to find the location of a user you will have to ask your ISP, and they will most probably deny your request.
You can't sniff packets sent from someone unless you are part of the same subnet - you would have to be connected to the same switch and be on the same Virtual LAN as that user. Even if you somehow find the physical location of a user and connect to the same switch, the ISP has most likely set up port security, which would deny access to your MAC address.
In conclusion, unless you are already connected to the same switch, you can't track that user's activities.
If you are connected to the same switch, you can install one of the popular packet sniffer utilities such as Wireshark and set it to promiscuous mode.

Is there a way to programmatically prevent certain MAC addresses from accessing my web application?

I am using Windows Server 2003 and 2008.
I am about to install a web application on a server that is connected to other computers using a simple wired network, i.e. no Active Directory, no domain controller, etc.
My question is:
Is there a way to prevent MAC addresses outside my specified list from accessing my application? Should it be through IIS or Web.config, or should I put certain code in the page load events?
Another concern: if I use SSL to secure my application, is it enough, along with a reputable antivirus, to prevent a virus from accessing my server through any network computer using my web application?
I don't think this is possible.
If you visualise the route from the client to your server; along this route there are 'hops', i.e., routers and switches which route the client's request down one of multiple paths.
At each hop a different MAC address is inserted into the packet - this is the MAC address of the next hop on the route.
So although the IP address always stays the same throughout the entire route (hence you can use the server variables or such like to determine the client's IP address) the MAC that you receive at the server after the final hop is actually the MAC address of the last networking device that the request was directed through.
The only way you'd be able to accurately use this MAC address for some sort of access control is if you had no routing or switching hardware between you and all the clients.
What if routing is involved - the MAC address you'd like to exclude is on another network? In that case you'll never see the MAC address. Using IIS you CAN filter specific IP addresses.
The simplest way to secure a network (also the minimum requirement, else it is considered a non-secure network):
1- Get CISCO switches and a router (or a multilayer switch)
2- Change the native VLAN, then create and configure VLANs, for example 10, 20, 30, and put ranges of IPs for each VLAN
3- Enable port security: set the max number of MAC addresses and enable MAC address "sticky"
4- Configure a routing protocol to allow switches to "talk" to each other
Good luck

How to get the MAC address of the visitors' PC in an ASP.NET webApp?

In an ASP.NET (C#) WebApp, I can get the IP of the visitors' PC easily, but how do I get the MAC address of the visitors' PC in an ASP.NET WebApp?
This ASP.NET app is running on the internal intranet of our company, and the visitors are also on the same internal intranet of our company.
The MAC address is not part of the IP header (or any other protocols above that), and thus not available if all you see is the HTTP traffic.
EDIT (after OP's update): Since clients and servers are on the same internal network, wouldn't it be better to get a host name from the IP address instead of the MAC address? You can easily look up the host name based on the IP address.
The answer that immediately comes to mind is that this is only possible if you write an ActiveX control that runs in the client browser to obtain this information on your behalf. On the other hand, it might be possible with JavaScript on the client if the JavaScript can instantiate a COM object that will get the information. The only other way I can think of is to have a Windows service that does an ARP request once the IP has been captured.
You can't easily do this. There are protocols such as ARP which allow translation between MAC and IP addresses, but this traffic is typically behind a firewall and so not available to you on a public website.
On an intranet, you might be able to do something, but not via ASP.NET. You would need to use other mechanisms to capture this information - but those kinds of tools (e.g. packet sniffers) are generally not available to developers and may contravene corporate IS policies.
Since you're on the same subnet, you can P/Invoke GetIpNetTable to get the webserver's ARP table. If you do this real-time, no additional work would be necessary - since you're having a conversation with the client, you'll have the ARP info. Otherwise, you'd need to construct an ARP request or some IP traffic (say, a ping) to get it in the cache - and note that due to DHCP and other network vagaries (like a machine being turned off), it is possible that converting IP to MAC later will yield a different answer.
Note also that any external clients (i.e., ones across a router) just won't show up in the table - so be prepared to deal with that as well. If you need a MAC for them for some reason, it's technically your router's MAC.
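The ARP-table lookup described in the last answer above, as an added example that is not part of the original answers: a C# P/Invoke wrapper around GetIpNetTable that returns the MAC address the web server has cached for a client IPv4 address, or null when the client is not in the table (for instance, a client across a router). The names ArpLookup and FindMac are illustrative assumptions.

```csharp
using System;
using System.Net;
using System.Net.Sockets;
using System.Runtime.InteropServices;

static class ArpLookup   // illustrative name, not from the original page
{
    // MIB_IPNETROW from iphlpapi.h: one IPv4 entry of the local ARP cache.
    [StructLayout(LayoutKind.Sequential)]
    struct MIB_IPNETROW
    {
        public int dwIndex;
        public int dwPhysAddrLen;
        [MarshalAs(UnmanagedType.ByValArray, SizeConst = 8)]
        public byte[] bPhysAddr;
        public uint dwAddr;   // IPv4 address in network byte order
        public int dwType;    // 2 = invalid, 3 = dynamic, 4 = static
    }

    [DllImport("iphlpapi.dll")]
    static extern int GetIpNetTable(IntPtr pIpNetTable, ref int pdwSize, bool bOrder);
    const int ERROR_INSUFFICIENT_BUFFER = 122;

    // Returns "AA-BB-CC-DD-EE-FF", or null when the server's ARP cache has no
    // usable entry for the client (IPv6 client, routed client, expired entry).
    // In ASP.NET the argument would be IPAddress.Parse(Request.UserHostAddress).
    public static string FindMac(IPAddress client)
    {
        if (client.AddressFamily != AddressFamily.InterNetwork) return null;
        uint wanted = BitConverter.ToUInt32(client.GetAddressBytes(), 0);
        int size = 0;   // first call only asks for the required buffer size
        if (GetIpNetTable(IntPtr.Zero, ref size, false) != ERROR_INSUFFICIENT_BUFFER)
            return null;
        IntPtr buf = Marshal.AllocHGlobal(size);
        try
        {
            if (GetIpNetTable(buf, ref size, false) != 0) return null;
            int count = Marshal.ReadInt32(buf);   // MIB_IPNETTABLE.dwNumEntries
            IntPtr row = IntPtr.Add(buf, 4);      // rows follow the count
            int rowSize = Marshal.SizeOf(typeof(MIB_IPNETROW));
            for (int i = 0; i < count; i++, row = IntPtr.Add(row, rowSize))
            {
                var e = (MIB_IPNETROW)Marshal.PtrToStructure(row, typeof(MIB_IPNETROW));
                if (e.dwAddr == wanted && e.dwType != 2 && e.dwPhysAddrLen == 6)
                    return BitConverter.ToString(e.bPhysAddr, 0, 6);
            }
            return null;   // not cached: client is off-subnet or entry aged out
        }
        finally { Marshal.FreeHGlobal(buf); }
    }
}
```

A null result is the normal outcome for any client that reaches the server through a router, so callers should treat the MAC as an optional, same-subnet-only attribute.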
