34

I have my website, and it records the number of visitors, IP and time of access...

I want to identify each visitor... I think that this was possible recording IP Address... but when the IP is dynamic, my system fails. So I think that I can solve it recording MAC address... is possible? What language should use? PHP, ASP, Javascript?

Thanks

Edit: What I can use to identify each user without having login information (username & pwd).

Mike Atlas
  • 8,193
  • 4
  • 46
  • 62
richardaum
  • 6,651
  • 12
  • 48
  • 64

4 Answers4

55

The MAC address, by TCP/IP standards, is never communicated outside of the local-area network to which it pertains — routers beyond that LAN don't even get the information you're trying to record.

There are many other ways to try and identify unique visitors, including matching the user-agent's details in addition to the IP, serving cookies as part of your response, etc… it is, after all, a core functionality in the field of "web analytics".

MAC addresses are simply not part of the gamut of techniques that it makes sense to utilize for it!

Giacomo1968
  • 25,759
  • 11
  • 71
  • 103
Alex Martelli
  • 854,459
  • 170
  • 1,222
  • 1,395
7

It is only possible if you use a technique where you install a "native" app on the client machine. For example, an activeX component, java applet or a client application. Then that application, once installed can get the MAC and then call to your web server with the MAC as an argument. In other words, you have to build your own front end "browser" to handle logging in. Then once the user is logged in, you can launch the app in the default browser.

It would be nice if future browsers allowed users to give permission to specific sites to access the MAC. Then if a site had a button that said "Register this device" the web application could do so without needing an additional native app installed (after all, the browser IS a native app).

Russ Reese
  • 79
  • 1
  • 1
  • 9
    I disagree with the "It would be nice..." - MACs can be spoofed easily and would provide no real security. – Basic Jul 20 '13 at 10:53
5

Can't you just have them store a cookie, so that when they come back they can be uniquely identified? No username/password requirement.

http://en.wikipedia.org/wiki/HTTP_cookie

Shawn D.
  • 7,895
  • 8
  • 35
  • 47
  • But cookie isn't reliable... isn't it? – Wali Jul 21 '13 at 15:22
  • @Wali Kind of, but what is really completely reliable in the internet? I did change my computer's MAC address to gain more data, it was in a library and they only allow every user to transfer 200MB data through the wifi. You are right, cookie isn't reliable, but in some situations, it's acceptable. – cyl19910101 Aug 24 '17 at 20:43
  • So that doesn't solves the problem to get client MAC address :) – Wali Dec 03 '17 at 17:04
  • The consistency of cookies may hugely vary based upon the use case and relies upon the fact that if the client is interested in respecting it or not. e.g. If I want to breach the limit SLA via concurrently requesting from my terminal – alter123 May 16 '21 at 08:50
4

Sorry but sending MAC address isn't part of the HTTP. However, you can use cookie to identify different users. Any backend language will do (add cookie in the server side). You can set the cookie in the client side using JavaScript too.

cyl19910101
  • 176
  • 1
  • 7