如何从web浏览器获得唯一的PC ID

时间:2021-02-09 16:48:58

I have a web app that will be running n several specific target machines. I could have the user select which machine he is on when he logs in, but that is prone to error. Is there a way I can get some unique ID from each PC, store those in a database on my server and then when someone logs in from a particular machine, identify that machine? I thought of IP address but those might change as well due to the nature of our deployment. But is is critical that I know which machine the system is running on.

我有一个web应用程序,它将运行n个特定的目标机器。我可以让用户在登录时选择他所在的机器,但这很容易出错。是否有一种方法可以让我从每台PC上获得一些唯一的ID,并将它们存储在服务器上的数据库中,然后当某人从某台特定的机器登录时,识别这台机器?我想到了IP地址,但是由于我们部署的性质,这些地址可能也会改变。但关键是我知道系统运行在哪个机器上。

Note: I am not trying to determine the machine code of a web user's machine as that would be a privacy violation. I KNOW my machines so I was wanting to tie them to the database somehow. This also acts as security for me as I can reject logins from unknown machines.

注意:我并不是试图确定web用户机器的机器代码,因为这将违反隐私。我知道我的机器,所以我想把它们和数据库联系起来。这对我来说也是一种安全,因为我可以拒绝来自未知机器的登录。

Thanks for any ideas. I am running Apache with Code Igniter 3 and Centos 6.5

谢谢你的任何想法。我正在用代码点火器3和Centos 6.5运行Apache。

5 个解决方案

#1


2  

You could use this as a computer ID:

你可以用这个作为电脑ID:

$computerId = $_SERVER['HTTP_USER_AGENT'].$_SERVER['LOCAL_ADDR'].$_SERVER['LOCAL_PORT'].$_SERVER['REMOTE_ADDR'];

It's not completely fool proof, as the values of $_SERVER can be faked, however it will still add an extra layer of security that does not rely on cookies.

这并不是完全的傻瓜证明,因为$_SERVER的值是可以伪造的,但是它仍然会增加一个不依赖cookie的安全层。

#2


2  

It's not possible without a client component, browser plugin or something similar. The closest alternatives are:

没有客户端组件、浏览器插件或类似的东西是不可能的。最接近的替代方案是:

  • using cookies;
  • 使用饼干;
  • using client certificates;
  • 使用客户端证书;
  • using browser fingerprinting;
  • 使用浏览器指纹;

each with their own disadvantages.

每个人都有自己的缺点。

#3


1  

The first time a user hits your site, identify their machine by IP address. Then set a persistent cookie with a unique identifier of your choosing.

用户第一次点击你的网站,通过IP地址识别他们的机器。然后用您选择的唯一标识符设置一个持久cookie。

The next time they come to the site, you can identify them by the unique identifier cookie that you set previously.

下次他们来到站点时,您可以通过前面设置的唯一标识符cookie来识别他们。

#4


0  

I would either

我要么

use a value like bin2hex(openssl_random_pseudo_bytes(512)) and set it as a cookie and then check for the cookie

使用bin2hex(openssl_random_pseu_bytes(512))之类的值并将其设置为cookie,然后检查cookie

or

use IP based logging like (127.0.0.1) has typed hello

使用基于IP的日志记录,比如(127.0.0.1)输入了hello

or

MAC Addresses (php libraries for it)

MAC地址(php库)

#5


0  

You can even try getting the MAC Address:

你甚至可以尝试获得MAC地址:

Use this class (https://github.com/BlakeGardner/php-mac-address)

使用这个类(https://github.com/BlakeGardner/php-mac-address)

This is a PHP class for MAC address manipulation on top of Unix, Linux and Mac OS X operating systems. it was primarily written to help with spoofing for wireless security audits.

这是一个PHP类,用于在Unix、Linux和MAC OS X操作系统之上进行MAC地址操作。它主要是为了帮助对无线安全审计进行欺骗。

#1


2  

You could use this as a computer ID:

你可以用这个作为电脑ID:

$computerId = $_SERVER['HTTP_USER_AGENT'].$_SERVER['LOCAL_ADDR'].$_SERVER['LOCAL_PORT'].$_SERVER['REMOTE_ADDR'];

It's not completely fool proof, as the values of $_SERVER can be faked, however it will still add an extra layer of security that does not rely on cookies.

这并不是完全的傻瓜证明,因为$_SERVER的值是可以伪造的,但是它仍然会增加一个不依赖cookie的安全层。

#2


2  

It's not possible without a client component, browser plugin or something similar. The closest alternatives are:

没有客户端组件、浏览器插件或类似的东西是不可能的。最接近的替代方案是:

  • using cookies;
  • 使用饼干;
  • using client certificates;
  • 使用客户端证书;
  • using browser fingerprinting;
  • 使用浏览器指纹;

each with their own disadvantages.

每个人都有自己的缺点。

#3


1  

The first time a user hits your site, identify their machine by IP address. Then set a persistent cookie with a unique identifier of your choosing.

用户第一次点击你的网站,通过IP地址识别他们的机器。然后用您选择的唯一标识符设置一个持久cookie。

The next time they come to the site, you can identify them by the unique identifier cookie that you set previously.

下次他们来到站点时,您可以通过前面设置的唯一标识符cookie来识别他们。

#4


0  

I would either

我要么

use a value like bin2hex(openssl_random_pseudo_bytes(512)) and set it as a cookie and then check for the cookie

使用bin2hex(openssl_random_pseu_bytes(512))之类的值并将其设置为cookie,然后检查cookie

or

use IP based logging like (127.0.0.1) has typed hello

使用基于IP的日志记录,比如(127.0.0.1)输入了hello

or

MAC Addresses (php libraries for it)

MAC地址(php库)

#5


0  

You can even try getting the MAC Address:

你甚至可以尝试获得MAC地址:

Use this class (https://github.com/BlakeGardner/php-mac-address)

使用这个类(https://github.com/BlakeGardner/php-mac-address)

This is a PHP class for MAC address manipulation on top of Unix, Linux and Mac OS X operating systems. it was primarily written to help with spoofing for wireless security audits.

这是一个PHP类,用于在Unix、Linux和MAC OS X操作系统之上进行MAC地址操作。它主要是为了帮助对无线安全审计进行欺骗。