Tweet
Does anyone have any code that returns a remote MAC address without using the SendARP API? ARP packets won't go out over the Internet so I need some other form. Maybe something with ICMP ?? Does anyone have any ideas on how to do this or any examples?
-
-
I can't see why you'd want to as MAC addresses are only relevant on the local subnet anyway.
The only way to find a remote MAC address therefore is to query either the remote device's attachment point (ie,the switch it's plugged into) or run something on the device itself.Neil Croft (cissp) -
I have a software package that I wrote that connects to an appliance, and uses its MAC for licensing purposes. I recently had a customer who has a need to run the software off-site across the Internet. He already tried this, but the license is invalid since there is no MAC. I wanted to see about adding a routine to get that information across the Internet.
I think that some routers allow it for internal use between 2 subnets, but that is a different case than what I am looking into. I guess if I can't find a way to do this, I will need to update my documentation to specify that the software must be run from the same subnet as the appliance.Comment
-
Hmm, could you give something on the local LAN an LAA that matches the remote MAC?
(added) Thinking about this, I presume in a normal deployment, you get the management PC to do an arp resolution on the device's IP and get the MAC to check it's on the list of licensed devices. When you try this for the remote device, do you get any response from the arp resolution at all or does it just error? I'm just wondering if you'd get the router's mac address.Last edited by Neil Croft; 30 Jun 2009, 11:05 AM.Neil Croft (cissp)Comment
-
Check out my "ping the internet" code in the source code forum.
I don't think it can return the MAC address, but it may help.There are no atheists in a fox hole or the morning of a math test.
If my flag offends you, I'll help you pack.Comment
-
It just returns an error. I believe it times out since the ARP doesn't get forwarded.
Yes, the appliances IP address is tested to make sure that its hardware is in the licensed devices list.Comment
-
License on IP address instead? No, don't tell me. They're using DHCP so it's changeable or the device can't report it's IP address.Neil Croft (cissp)Comment
-
I wrote some ping code a long time ago, but i don't believe that the hardware address is in the return data anywhere.Originally posted by Mel Bishop View PostCheck out my "ping the internet" code in the source code forum.
I don't think it can return the MAC address, but it may help.Comment
-
Well that would be too easy to get licenses illegally then. It is using a fixed address (private NAT which translates to their public router address using port mapping). If I licensed to an IP then they can use the same IP for other non-licensed locations. MAC is a lot better way in this case. Still not fool proof but will stop the "easy" temptation that the IP method would provide.Originally posted by Neil Croft View Post
Comment
-
I don't suppose the remote devices offer any means of querying them for a unique ID? Like an HP service tag type thing.
Embedded network devices are a pain in the derrière.Neil Croft (cissp)Comment
-
nothing that is documented. I'm sure that there is, but....
Comment
-
How about a "helper" on the Remote LAN side that queries the appliance, saves the MAC in a table and then the "client" software simply asks the "helper" what the MAC is for that appliance.
I'd need to know a whole lot more about the setup to make any specific suggestions.Comment
-
WMI seems like a possibility. See http://www.winforums.com/showthread.php?t=8842 for an VBScript example.Comment
-
WMI or Netsh
I'm pretty sure you can get the mac via WMI or via netsh .Warped by the rain, Driven by the snow...
jimatluv2rescue.comComment
-
Ok, I'll have to investigate the WMI thing at a later date. The VB Script accesses a lot of object calls, which are meaningless to me since I'll be doing it via the Windows API (if at all)
Thanks for the suggestions guys, I'll look into this. It is only one client, so I may have to just have him run his ap at the site and then receive the data remotely.Comment
Comment