Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > website restricted to fixed public IP or to only PC wth predefined configuration

Reply
Thread Tools

website restricted to fixed public IP or to only PC wth predefined configuration

 
 
Kausar Parveen
Guest
Posts: n/a
 
      05-29-2006
Hello All,

I'm working on an ASP.NET application where I need for only a
few machines (machines accessing the site will have fixed public IP) to be
able to have access to the website. It should check some hardware components
of PC to give access to the website. It should also give access to users
having dynamic IP address, for all such users their Hardware fingerprint of
predefined desktops and laptops should be checked before giving the access
to the website.
Can i use and check the remote machine for its MAC address
and compare it with my database in ASP.NET. As per my knowledge I can get
MAC in windows app using WMI.
How can i get it done in ASP.NET?

Thanks in advance,
Kausar



 
Reply With Quote
 
 
 
 
Dominick Baier [DevelopMentor]
Guest
Posts: n/a
 
      05-29-2006
You can't.

You should look into certificate based authentication - this would allow
for scenarios where only owners of a valid cert are allowed access to your
application - and you could utilize external hardware like smart cards.

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Hello All,
>
> I'm working on an ASP.NET application where I need for
> only a
> few machines (machines accessing the site will have fixed public IP)
> to be
> able to have access to the website. It should check some hardware
> components
> of PC to give access to the website. It should also give access to
> users
> having dynamic IP address, for all such users their Hardware
> fingerprint of
> predefined desktops and laptops should be checked before giving the
> access
> to the website.
> Can i use and check the remote machine for its MAC
> address
> and compare it with my database in ASP.NET. As per my knowledge I can
> get
> MAC in windows app using WMI.
> How can i get it done in ASP.NET?
> Thanks in advance,
> Kausar



 
Reply With Quote
 
 
 
 
Kausar Parveen
Guest
Posts: n/a
 
      05-29-2006
Hello Dominick ,

I created Windows User Control which is getting MAC ID using WMI. And I
am using this User control just as ActiveX control do in Internet explorer.
In other words I am embedding Windows User Controls into Internet
Explorer but i am facing a secuirty problem it's giving following error

"System.Security.SecurityException: That assembly does not allow partially
trusted callers.
at System.Security.CodeAccessSecurityEngine.ThrowSecu rityException("

can problem be solved by providing specified permission? If yes what i have
to do for this??


Thanks in advance,
Kausar


"Dominick Baier [DevelopMentor]" <(E-Mail Removed)>
wrote in message news:(E-Mail Removed). com...
> You can't.
>
> You should look into certificate based authentication - this would allow
> for scenarios where only owners of a valid cert are allowed access to your
> application - and you could utilize external hardware like smart cards.
>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
> > Hello All,
> >
> > I'm working on an ASP.NET application where I need for
> > only a
> > few machines (machines accessing the site will have fixed public IP)
> > to be
> > able to have access to the website. It should check some hardware
> > components
> > of PC to give access to the website. It should also give access to
> > users
> > having dynamic IP address, for all such users their Hardware
> > fingerprint of
> > predefined desktops and laptops should be checked before giving the
> > access
> > to the website.
> > Can i use and check the remote machine for its MAC
> > address
> > and compare it with my database in ASP.NET. As per my knowledge I can
> > get
> > MAC in windows app using WMI.
> > How can i get it done in ASP.NET?
> > Thanks in advance,
> > Kausar

>
>



 
Reply With Quote
 
Dominick Baier [DevelopMentor]
Guest
Posts: n/a
 
      05-29-2006
Hi,

well - this may not work for the following reasons:


a) you are extending the trusted subsystem to the user - this is trivial
to bypass
b) WMI needs full trust - you obviously won't get that by default - you would
have to adjust the security policy on every single client to give your "activex"
control full trust.


---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Hello Dominick ,
>
> I created Windows User Control which is getting MAC ID using WMI.
> And I
> am using this User control just as ActiveX control do in Internet
> explorer.
> In other words I am embedding Windows User Controls into Internet
> Explorer but i am facing a secuirty problem it's giving following
> error
> "System.Security.SecurityException: That assembly does not allow
> partially
> trusted callers.
> at
> System.Security.CodeAccessSecurityEngine.ThrowSecu rityException("
> can problem be solved by providing specified permission? If yes what i
> have to do for this??
>
> Thanks in advance,
> Kausar
> "Dominick Baier [DevelopMentor]"
> <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed). com...
>
>> You can't.
>>
>> You should look into certificate based authentication - this would
>> allow for scenarios where only owners of a valid cert are allowed
>> access to your application - and you could utilize external hardware
>> like smart cards.
>>
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>> Hello All,
>>>
>>> I'm working on an ASP.NET application where I need for
>>> only a
>>> few machines (machines accessing the site will have fixed public IP)
>>> to be
>>> able to have access to the website. It should check some hardware
>>> components
>>> of PC to give access to the website. It should also give access to
>>> users
>>> having dynamic IP address, for all such users their Hardware
>>> fingerprint of
>>> predefined desktops and laptops should be checked before giving the
>>> access
>>> to the website.
>>> Can i use and check the remote machine for its MAC
>>> address
>>> and compare it with my database in ASP.NET. As per my knowledge I
>>> can
>>> get
>>> MAC in windows app using WMI.
>>> How can i get it done in ASP.NET?
>>> Thanks in advance,
>>> Kausar



 
Reply With Quote
 
Kausar Parveen
Guest
Posts: n/a
 
      05-31-2006
Hello Dominick ,


My web page is running fine. I am getting MAC ID of client's system
using user control. Idid the required CAS,

Is this not the correct way to do this even if i have very limited
and known viewers/users for my website.
I don't want to let the people to browse my website from cybercafe.
That's why i am choosing this option coz to run my website client system
should have configured the CAS. I have know user's and known
machines where i can configure CAS,

What can be the pitfalls/implications in implementing usercontrol in
web app for getting MAC ID?

Regards
Kausar

"Dominick Baier [DevelopMentor]" <(E-Mail Removed)>
wrote in message news:(E-Mail Removed). com...
> Hi,
>
> well - this may not work for the following reasons:
>
>
> a) you are extending the trusted subsystem to the user - this is trivial
> to bypass
> b) WMI needs full trust - you obviously won't get that by default - you

would
> have to adjust the security policy on every single client to give your

"activex"
> control full trust.
>
>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
> > Hello Dominick ,
> >
> > I created Windows User Control which is getting MAC ID using WMI.
> > And I
> > am using this User control just as ActiveX control do in Internet
> > explorer.
> > In other words I am embedding Windows User Controls into Internet
> > Explorer but i am facing a secuirty problem it's giving following
> > error
> > "System.Security.SecurityException: That assembly does not allow
> > partially
> > trusted callers.
> > at
> > System.Security.CodeAccessSecurityEngine.ThrowSecu rityException("
> > can problem be solved by providing specified permission? If yes what i
> > have to do for this??
> >
> > Thanks in advance,
> > Kausar
> > "Dominick Baier [DevelopMentor]"
> > <(E-Mail Removed)> wrote in message
> > news:(E-Mail Removed). com...
> >
> >> You can't.
> >>
> >> You should look into certificate based authentication - this would
> >> allow for scenarios where only owners of a valid cert are allowed
> >> access to your application - and you could utilize external hardware
> >> like smart cards.
> >>
> >> ---------------------------------------
> >> Dominick Baier - DevelopMentor
> >> http://www.leastprivilege.com
> >>> Hello All,
> >>>
> >>> I'm working on an ASP.NET application where I need for
> >>> only a
> >>> few machines (machines accessing the site will have fixed public IP)
> >>> to be
> >>> able to have access to the website. It should check some hardware
> >>> components
> >>> of PC to give access to the website. It should also give access to
> >>> users
> >>> having dynamic IP address, for all such users their Hardware
> >>> fingerprint of
> >>> predefined desktops and laptops should be checked before giving the
> >>> access
> >>> to the website.
> >>> Can i use and check the remote machine for its MAC
> >>> address
> >>> and compare it with my database in ASP.NET. As per my knowledge I
> >>> can
> >>> get
> >>> MAC in windows app using WMI.
> >>> How can i get it done in ASP.NET?
> >>> Thanks in advance,
> >>> Kausar

>
>



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
microsoft.public.certification, microsoft.public.cert.exam.mcsa, microsoft.public.cert.exam.mcad, microsoft.public.cert.exam.mcse, microsoft.public.cert.exam.mcsd loyola MCSE 4 11-15-2006 02:40 AM
microsoft.public.certification, microsoft.public.cert.exam.mcsa, microsoft.public.cert.exam.mcad, microsoft.public.cert.exam.mcse, microsoft.public.cert.exam.mcsd loyola Microsoft Certification 3 11-14-2006 05:18 PM
microsoft.public.certification, microsoft.public.cert.exam.mcsa, microsoft.public.cert.exam.mcad, microsoft.public.cert.exam.mcse, microsoft.public.cert.exam.mcsd loyola MCSD 3 11-14-2006 05:18 PM
microsoft.public.certification, microsoft.public.cert.exam.mcsa, microsoft.public.cert.exam.mcad, microsoft.public.cert.exam.mcse, microsoft.public.cert.exam.mcsd realexxams@yahoo.com Microsoft Certification 0 05-10-2006 02:35 PM
microsoft.public.dotnet.faqs,microsoft.public.dotnet.framework,microsoft.public.dotnet.framework.windowsforms,microsoft.public.dotnet.general,microsoft.public.dotnet.languages.vb Charles A. Lackman ASP .Net 1 12-08-2004 07:08 PM



Advertisments