Create computer client Unique Identification for Fraud

[lilmer]

Hello Good day,

 

I am have a project for company. Can you please give me advice on how will I going to determine each computer assigned to each employee.

 

I have my own working unit (PC), of course that i used to login on our company web site. But when someone try to log in on our web site using their own account on my working unit it will be registered as fraud.

 

My problem is how will i am going to check if accountTwo  try to log in on accountOne pc unit. Right now we're using cookie but if they use other browser or private browser the data on the cookie was not send on the request.

 

Righ now I am  trying to determine using Mac Address of each PC, but still can't figure out how to get the Mac Address. It gives the server address where the site was hosted.

[jazzman1]

You should start applying some security measures on the server where the project is deployed (not apache). Why the project is public?

[lilmer]

This is not about the server, this is for employees. 

 

Me as an employee I have my own working unit (Computer unit), and on a company website (that i am developing), that where we login to set out time of work. But my problem is if me an employee, let other employee to access the company website and try to log in using there own account it should be register on the fraud. Where my co employee will be registered on a fraud and me as here friend that let her/him log in using my working unit.

 

Right now we are using cookie to determine that, but when we use private browser of course cookie is not register. How can I determine that or can you give me a way..?

[requinix]

This is something you need to deal with at the machine layer, and you're just not going to get that with PHP. Really, the only way I know that's reliable is in a Windows environment where you can (set up your server to) use things like NTLM and Kerberos authentication.

 

As for the alternatives,

- Can't get the MAC address, which can be spoofed anyways

- IP address is only unique (potentially) in a LAN environment, but that can be "spoofed" too

[Richard_Grant]

I agree with Requinix, i don't think your skilled enough to be attempting this project. However, I will baby step you on how i would go about doing it.

 

I would create a Seperate piped server (write it in C# or C++) then decide if you want this as a webbrowser extension or just make them download and install it.

Install to c:/users/USER/appdata/local....

 

And now you can open the client pipe with php (http://stackoverflow.com/questions/19126424/launch-notepad-exe-from-a-php-file)

You can make the client look for certain protocols to identify the computer such as Machine ID to identify the machine.

 

To get this running slick would be a bit of work but it shouldn't be to hard.

 

________

Other than that i would say that you really cant do what you are requesting with PHP, maybe look into Silverlight C#, but then that requires the user has silverlight installed and macs have an issue with silverlight if the application is not developed correctly.

Edited September 8, 2014 by Richard_Grant