-2

I want to build a service like gmail or yahoomail.

It will be open for all.

For security purpose i can save the IP address for each action i.e sending mail, reading mail, deleting mail and all other actions.

I also want to save mac address of the computer from which mail is sent and i also want to

save mac address of the computer which is used to read the mail.

I am sure that i can build a program like this , but i have very little knowledge in the area

web security. Please suggest me how can i save mac address. Is it possible or not.

Where can i study about it.

Thank You

cdlane
  • 40,441
  • 5
  • 32
  • 81
user1680093
  • 21
  • 5

1 Answers1

0

The MAC address of the client is part of the layer 2 protocol, and is used for address resolution (ARP) only on the subnet local to the client. Internetworking is done with TCP/IP (layers 3 & 4), which are transparent to layer 2. In other words, the protocols and equipment between your server and your clients make it impossible for your server to learn the MAC of your clients. This is by design.

If you are looking for a unique identifier for your clients, you should adopt the standard methods like cookies, certificates and the like. Both MAC and IP addresses can be spoofed.

Paul Ratazzi
  • 6,289
  • 3
  • 38
  • 50
  • One good place to start is the Open Web Application Security Project (OWASP): http://www.owasp.org. They have a Developer Guide (https://www.owasp.org/index.php/Category:OWASP_Guide_Project) that will give you the high level best practices for most aspects of web application security. Good luck! – Paul Ratazzi Nov 03 '14 at 03:15