[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] client - server
- To: full-disclosure <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: Re: [Full-Disclosure] client - server
- From: Micheal Espinola Jr <michealespinola@xxxxxxxxx>
- Date: Mon, 28 Feb 2005 12:11:11 -0500
A MAC address can be queried on a windows box via the registry - if
you have access. This can be done with [null] sessions and netbios.
So, depending on security, connectivity, access permissions, etc - it
may be possible to obtain this information.
On Mon, 28 Feb 2005 11:18:49 -0500, Michael Holstein
<michael.holstein@xxxxxxxxxxx> wrote:
>
> > which informations can a server get about a client running M$ windows XP ?
> > I cannot access a website because i have been "banned" and I'd like to
> > understand how they recognize me for sure.
>
> All sorts of stuff. Visit browserspy (http://gemal.dk/browserspy/) for a
> bunch of tests. Java is one excellent way to steal the goods (and many
> browserspy tests use that).
>
> The 'short' answer is, however, probably a simple IP check.
> >
> > I mean:
> > - a simple ip check doesn't work with dynamic addresses...
> > - cookies can be deleted
> > - computer name can be changed
> > - mac address can be changed (even I wasn't able to, because I have a usb
> > dsl
> > modem and I cannot change its MAC working with regedit or using tools like
> > smac )
>
> MAC address? That's not visible past the DSLAM. As for dynamic
> addresses, have you kept track? I have (supposed) dynamic addresses at
> home and it's not changed in over a year.
>
> You should dump the DSL modem and get a conventional ethernet one. Then
> change the MAC on your ethernet card at will (this will get you new
> addresses). There probably is a way to access the innerds of the USB one
> but you'd probably have to take it apart and locate the serial port.
>
> ~Mike.
> >
> > Anything else ?
> > How the hell do they recognize me ?
> >
> > Matteo Giannone
> >
> >
> >
> >
> > ____________________________________________________________
> > 6X velocizzare la tua navigazione a 56k? 6X Web Accelerator di Libero!
> > Scaricalo su INTERNET GRATIS 6X http://www.libero.it
> >
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
--
ME2
my home: <http://www.santeriasys.net/>
my photos: <http://mespinola.blogspot.com/>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html