8

I am trying to (more or less) uniquely identify a system for licensing purposes. I have chosen the computer's on-board network adapter's MAC address for this task, since I can be sure that every cmputer running this software actually has one, and this avoids re-activation when changing e.g. the harddrive.

I am having troubles reliably identifying the onboard network adapter, though.

Using the "Win32_NetworkAdapterConfiguration" ManagementClass, I can get a whole lot of MAC Addresses, including the address I like, but I have not found a way to distinguish the onboard one from virtual adapters installed by Windows or Virus Scanners. This list seems to be ordered, though. The MAC Address I am interested in is (on my machine) listed before other (real) network adapters. (The list is ordered by interface index.)

Using NetworkInterface.GetAllNetworkInterfaces(), I think I can identify the real network adapters by filtering on .NetworkInterfaceType == NetworkInterfaceType.Ethernet, but this list seems to be unordered (an added network card appears before the onboards one).

Is first using the second method to get a list of real networks cards and then sorting them by the order of appearence in the first list a reliable way of identifying the MAC address I am looking for? Can the interface index in the first list change? I'd be happy to hear your thoughts!

Thanks!

P.S.: I know that the MAC address can be rather easily changed, but I can live with that. I cannot live with the customer not being able to use the software after simply inserting a WLAN stick =)

Jens
  • 25,229
  • 9
  • 75
  • 117
  • Why not cache all MAC addresses of interfacetype ethernet? – Ralf de Kleine Jun 21 '10 at 13:46
  • @rdkleine: This would break the activation if another network adapter is added. – Jens Jun 21 '10 at 14:01
  • You could compare all adapters with all the cached ones. One pair is enough, right? – Ralf de Kleine Jun 21 '10 at 14:12
  • @rdkleine: That would give the customer the possibility to create a "magical" WLAN Stick, das enables the software on any computer. I'd prefer to identify the onboard adapter. – Jens Jun 22 '10 at 08:50
  • 1
    If you are worried about such devices, maybe you shouldn't use a MAC address in the first place. MAC address spoofing isn't all that hard. – Ralf de Kleine Jun 22 '10 at 11:21
  • How would you distinguish an on-board (soldered on the motherboard) nic with one in a pci slot? Not sure if that is possible. They would show up the same as both are hooked to the pci bus. Or do you consider those the same, and only want to filter away the wireless and virtual ones? – Mikael Svenson Jun 28 '10 at 20:19
  • 1
    You should be able to get all PCI bound nics with some Windows API. Those which don't have a location on a PCI slot are either virtual or usb. http://webcache.googleusercontent.com/search?q=cache:SRohzYp5SigJ:www.eggheadcafe.com/aspnet_answers/win32programmermessaging/Aug2006/post27645262.asp+wmi+pci&cd=2&hl=sv&ct=clnk&gl=se – Mikael Svenson Jun 28 '10 at 20:39
  • @Mikael: Optimally, I'd like to identify the one soldered onto the mainboard. – Jens Jun 29 '10 at 06:24
  • On my laptop the onboard is at pci slot 0, while the wireless is at 12. And the wireless you can most likely detect is wireless in some way. Then the questions is to get the PCI bus devices and slots ;) And combine with other API's to sort of the network cards. – Mikael Svenson Jun 29 '10 at 06:29
  • @Jens: There's no difference that you are going to be able to detect between the motherboard and add-on NICs. Assuming your motherboard comes with one is quite a bold assumption, particularly for things like laptops and servers which often do not have NICs soldiered directly onto the motherboard. (Laptops often use mini PCI add in cards or at least have the NIC on a daughterboard, servers often only use add-on NICs) – Billy ONeal Jun 29 '10 at 23:58
  • You talk about "the" real network adapter, but remember there can be more than one of those, too. I don't know if they're guaranteed to always be returned in the same order. Even if they are, it might happen that a user takes apart their PC and puts it back together and swaps the NICs around. They swear that they "haven't changed the hardware" and yet the software stopped working. You'll have to handle this somehow, too. – EMP Jun 30 '10 at 03:52

4 Answers4

10

A rather low-tech solution would be to invoke the netstat command and look for the MAC address of the adapter that has a valid IP address. I've never seen the netstat command fail on a machine whereas I've seen WMI give unexpected results numerous times.

In any case, I have done a similar activation system before and I used the MAC address as the identifying key. In the end, it wound up being more trouble than it was worth - both for me and the customer! What I found to be a far better balance and less hassle was to have the user "sign in" the first time the software was installed. With the user's consent, you could send some piece of identification to the server such as their MAC address.

Then you only need to periodically check your activation database for evidence of major license violations and deactivate the keys as necessary. As a customer that hates product activation, and an ISV that hates software piracy, I can see both sides of the argument and this way it avoids putting the customer in the uncomfortable position of having to convince you they are legit when something (inevitably) goes wrong.

Just to name a few reasons why MAC identification may not work... I use two NIC's (wired and wireless) in my laptop depending on whether I'm at work or home. One or the other may be disabled at any time. The other thing to note is that I use virtual machines quite a bit and not only do they get their own MAC but I could specify any MAC I want. Then of course one day you'll find out that you have like 100 people in your database with a MAC of all zeros. :) Nothing is guaranteed here.

Josh
  • 68,005
  • 14
  • 144
  • 156
  • Thanks for the input! For the reason you mention, I want to use the on-board adapter even if another adapter has an IP address and the on-board one has none. Good point with the VM's, but I think this would not be a major problem with our customers... This will come back and bite me. =) – Jens Jun 21 '10 at 14:03
1

you should consider some other properties from WMI in addition to MAC address.

The way that Windows Product Activation handles this, is to look at properties like the MAC address (as well as other identifying information about the card itself, such as PCI vendor info), as well as some common device properties (HDD controllers, display adapters), and base the need for reactivation on certain thresholds. If too many of these things change, then reactivation is required.

Here's a great article on the topic and should give you some food for thought on how to approach choosing good properties to look at for your own licensing/activation system:

http://aumha.org/win5/a/wpa.php

Warren Rumak
  • 3,824
  • 22
  • 30
1

If your main requirement is to uniquely identify a PC, then I suggest you take a look at this question. The accepted answer talks about a solution as well as the pitfalls of using the MAC address identifier approach

Hope this helps

Community
  • 1
  • 1
Ryan Fernandes
  • 8,238
  • 7
  • 36
  • 53
1

To access Network Interface details in .Net, refer to the NetworkInterface.GetPhysicalAddress method within the System.Net.NetworkInformation namespace.

Usage is detailed on MSDN.

I would definitely refer to the link Ryan has provided with regards to relying on a MAC address for identification.

Community
  • 1
  • 1
Kynth
  • 2,597
  • 1
  • 18
  • 24