-4

I'm trying to get the unique machine address of the client using the c# Web API. I have used Network Interface to get the MAC address while running below code on the local server it is working great. But when I deployed it on development server I get some weird same address.

below is the code that I have used to get the MAC address.

 public string GetMacAddress()
            {
                NetworkInterface[] nics = NetworkInterface.GetAllNetworkInterfaces();
                String macAddress = string.Empty;
                foreach (NetworkInterface adapter in nics)
                {
                    if (macAddress == String.Empty)  
                    {
                        IPInterfaceProperties properties = adapter.GetIPProperties();
                        macAddress = adapter.GetPhysicalAddress().ToString();
                    }
                }
                return macAddress;



        }

note: if there is any possible way to uniquely identify user machine.

Bhushan Dhage
  • 49
  • 7
  • Please add more information. How do you 'use' the network interface. Do you have multiple interfaces on the server? What are you trying to do? Who is the user? The server's NIC or anyone who connects to it? Also please note that the MAC address is comming from the last network hop, so probably your router. Some code would be nice. – FalcoGer Feb 06 '19 at 07:46
  • mac addresses are only really relevant on the local link. How likely is it that any of your users will have machines hanging off of the same switch as your server? – Damien_The_Unbeliever Feb 06 '19 at 07:46
  • Please provide sample code that's failing, and the error message(s) that you're seeing. – kdmurray Feb 06 '19 at 07:47
  • IP uses IP addresses, not MAC addresses. SO doesn't know *your* MAC address, it does know your IP though. What are you trying to do? If you want to log requests, the IP address is already logged by the web server – Panagiotis Kanavos Feb 06 '19 at 07:47
  • @kdmurray I have atatched the code please go through it. – Bhushan Dhage Feb 06 '19 at 07:51
  • @FalcoGer I am trying to get the user mac aadress who will use the website. – Bhushan Dhage Feb 06 '19 at 07:52
  • well, you loop through your local network interface cards. and no that is not possible. your user will connect through your router (any many others), which will strip the layer 2 encapsulation and put it's own around it with it's own source mac. – FalcoGer Feb 06 '19 at 07:58
  • Ok understood @FalcoGer is there any possible way to get the client Ip. – Bhushan Dhage Feb 06 '19 at 08:00
  • that depends on how the client is connecting and what kind of application you have. if you have a webserver running asp.net you can get the ip from the request-object. if you have a tcp or udp socket you can get it from the socket-object. – FalcoGer Feb 06 '19 at 08:08
  • I'm able to get the IP , but i want the clients unique machine info. – Bhushan Dhage Feb 06 '19 at 08:14
  • I'm afraid that's not possible without running code on the client. You could use the request header, however that's easily spoofed and similar machines with same os and browser will send the same info. After authentication you can drag along a token like a sessionid in the query string to uniquely identify a user, or without authentication a session of the user. – FalcoGer Feb 06 '19 at 10:03
  • @FalcoGer understood thank you ! – Bhushan Dhage Feb 07 '19 at 07:18

1 Answers1

1

Your code returns your own NICs MAC-Address.

You can not retrieve the mac addresses of clients connecting to you. MAC is a layer2 address in the OSI scheme. A router strips the source and destination mac addresses and replaces it with it's own mac as source and the next network hop as destination. You should use IP-Addresses (layer3) instead.

If you use Sockets, you can use this method: how to get client IP using socket programming c#

If you use asp.net webserver you can use this Request.UserHostAddress

Both will return the client's public ip address assigned by their ISP. This IP-Address often changes over night or with a router reset.

This will be the same IP-Address as other users connecting from the same local network. For example if the household has 2 computers and 3 mobile phones connecting through wifi, they will all share the same public IP-Address. To uniquely identify each one, you should use some kind of token, like a cookie, sessionid and/or authentication as suggested here: How to uniquely identify the client machine in an ASP.NET application?. (For (asp.net) web servers) However the cookie can be deleted and will then have to be replaced the next time around. While you can differentiate different users that way, you can't be sure to identify a single user as they may have multiple cookies seperated by time (deleted and new) or space (different browsers/devices having different, valid cookies at the same time)

Another way would be to send a unique certificate along with each client and have a database on hand to match them. (For networking applications)

Other ways to get unique client identifiers are discussed here: How to uniquely identify computer using C#? and here: Get Unique System Identifiers in C#. They do however rely on you executing code on the client machine, can be spoofed, are not reliable, may change over time, etc.

In short: There is no reliable and easy way, especially if you can't execute code on the client like in a web-server scenario. Also whatever you decide to use as an identifier may change with time (new IP, new hardware, new browser version, new OS, etc), has duplicates, is unreliable or unavailable on some machines (ex.: HD-GUID on clients with network drive only), and/or may be spoofed (mac, request header, etc).

It all depends on your needs, what you have available and how error prone and secure you want the thing to be.

FalcoGer
  • 2,278
  • 1
  • 12
  • 34