Results 1 to 9 of 9
  1. #1
    Join Date
    Sep 2007
    Location
    Global Village
    Posts
    185

    Question Unanswered: Help on Scurity of database

    Hi everybody,
    I need to know if we can use VB Code to read some specific data from computer which I install the database on it? Actually I would like to have some information that is unique for each computer like some sort of serial number of hardware that each time user load the Db will be checked and if it is not the same it means Db has been copied to other computer without permission.
    If anybody has any other suggestion let me know and thanks in advance.
    Cheers

  2. #2
    Join Date
    Jul 2003
    Location
    Amsterdam, Nederland
    Posts
    450

    REad Mac addres or..

    Read the MAC-adres / licenseKey or PCName
    and save it in a table
    if table is emty its not been started up once so, copy value and save in table

    if there is a value compare with macadres and if its not the same show msg and exit program

  3. #3
    Join Date
    Nov 2004
    Location
    out on a limb
    Posts
    13,692
    Provided Answers: 59
    macaddress isn't a candidate in my books.. you never know if or when a network card may be replaced.. also you don't know that it is unique.. it should be but some network card manufacturers allow the MAC address to be assigned at installation or runtime.

    theoretically the computer name should be unique on a specific network domain, at least they used to be when we all had to use NETBUI.. But again you may have problems if you IT support decide to replace an existing machine

    disk ID's are unique to my knowledge.. but Im not aware of any technique to retrieve that.. but Google has plenty of links that may help. Again you have the same issue if the disk dies or is replaced or harvested for use in another device.

    IP address is unique within any one domain, or worldwide is its a public IP address.. however if the site uses DHCP or uses another variant of dynamic IP address allocation you are stuffed.

    you may want to search the access forums here, or possibly the code bank.. I seem to remember that Izyrider has some code for licensing his Access applications

  4. #4
    Join Date
    Sep 2007
    Location
    Global Village
    Posts
    185
    Hi Healdem & Marvels,
    Thanks for your information. I agree with Healdem regarding disk ID's but about IP address if we consider a user never connect to Internet then IP would not be an option.
    I will focus on disk ID's but if you have more details about it let me know; finally if I do it I will put it in forum for use.
    Cheers

  5. #5
    Join Date
    Nov 2004
    Location
    out on a limb
    Posts
    13,692
    Provided Answers: 59
    In the current systems environment I'd be very surprised if you were not usign IP address irrespective or whether you connect to the internet or not. It many years since NETBUI and other token ring netwroks were superceeded and depracted. Just trying to think back over the last 15 years or So I cannot recall the last non IP network installed that Im aware of, and int he last 10 years I cannot recollect a non IP network I've dealt with
    The downside of IP address is that you cannot rely on it being unique if you use DHCP.

    I suspect that the computername is probably unique, and although you could get it from an Environ call I'd suggest you get it using Dev Ashish's API calls.. mebbe Paul (PKStormy) has contributed something similar in the code bank.

  6. #6
    Join Date
    Sep 2007
    Location
    Global Village
    Posts
    185
    I Agree with you completely, "Hands Up!" but actually I am writing a database for a client that doesn't use network at all so I should not count on IP address.

  7. #7
    Join Date
    Jun 2004
    Location
    Arizona, USA
    Posts
    1,848
    One other point - not all disks have serial numbers...
    Lou
    使大吃一惊
    "Lisa, in this house, we obey the laws of thermodynamics!" - Homer Simpson
    "I have my standards. They may be low, but I have them!" - Bette Middler
    "It's a book about a Spanish guy named Manual. You should read it." - Dilbert


  8. #8
    Join Date
    Dec 2002
    Location
    Préverenges, Switzerland
    Posts
    3,740
    lots of good points made above. i repeat some of them.
    MACaddress may not be unique (and can be faked BTW), DriveManufrSerial may not be available on pre-SMART disks, machineSerial may not be unique, machineName may change, domainName may change, userName may change, and etc.

    even more transient are properties like IPaddress (DHCP!), diskVolumeSerial (Format!) and so on.

    so, how do you go about fingerprinting a machine?

    that provokes an even more fundamental question: what is "a machine"?
    disks fail; users die; companies get bought and change domain.
    over a three year lifespan, it is totally reasonable for every obtainable "property" of "a machine" to have changed BUT the ( ...what can we call it ? ) "licenced object" is philosophically the same and the paying customer has been completely honest. a sane licencing scheme should not require an honest user to go through hell every time a disk crashes!

    [rant]
    guiding principle:
    any licencing scheme should make the dishonest suffer more than the honest.
    corollary:
    if you cannot design a strong licencing scheme, don't mess with licencing - all you are doing is inconveniencing the honest folk whilst the dishonest folk distribute unlimited pirate copies of your app.
    [/rant]

    WMI gives you easy access to thousands of properties of a machine (many are Null or are duplicates of other properties).
    SMART gives you slightly-less-easy access to properties of most modern disks
    gather MANY of these properties (my experimental scheme now uses fourteen properties that are usually not null/empty and are not duplicates)
    base your licence on this collectivity of properties
    each time the application starts, allow for some "drift" in the properties.
    it is reasonable that the disk was swapped out - self-heal your licence by noting the new diskManufrSerial.
    it is potentially unreasonable for userName AND MACaddress to change at the same time - require the user to contact you in this case.
    be clever with stuff like motherboard swaps which may change machineName and machineSerial and MACaddress all at the same time

    homework:
    google for "WMI", "SMART", (and "WMI Code Creator" - it is very handy once you've mastered the VBA syntax for WMI!)
    you will need crypto: google "CAPICOM", or if you are foolishly courageous "CryptoAPI"
    see here for my rudimentary outline of how a single machine property can be used for licencing.

    practical:
    you absolutely NEED some secrets. the crude .Tag used in the demo is rubbish. think!

    remember:
    honest folk are always inconvenienced by licencing.
    the dishonest folk will ALWAYS win if they try hard enough - they are not smarter, but they know what they are attacking whilst you don't know what you are defending against.

    imperative:
    if you come up with a decent scheme - shut up! don't give hints to the bad folk.

    izy
    currently using SS 2008R2

  9. #9
    Join Date
    Nov 2007
    Location
    Adelaide, South Australia
    Posts
    4,049
    if you come up with a decent scheme - shut up! don't give hints to the bad folk.
    I sooo agree with that.
    Owner and Manager of
    CypherBYTE, Microsoft Access Development Specialists.
    Microsoft Access MCP.
    And all around nice guy!


    "Heck it's something understood by accountants ... so it can't be 'that' difficult..." -- Healdem
    "...teach a man to code and he'll be frustrated for life! " -- georgev

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •