cancel
Showing results for 
Search instead for 
Did you mean: 

How do you uniquely identify database server?

8,645

Hello again, Is there a way in SQL Anywhere to uniquely identify the machine that runs the database? Is it possible to get mac address somehow? Or does there exist some server property which is different in every physical machine (and does not change through machine's life cycle)? Or is it possible to get external IP address?

The goal is to generate an md5 hash (password) from a date (system end of life) and some other values and one of these values should be unique so that the password wouldn't work if copied to another instance of the system.

Thanks in advance.

Accepted Solutions (0)

Answers (4)

Answers (4)

graeme_perrow
Advisor
Advisor

This is similar to @Martin's answser, but all the work has already been done for you. You could use TLS encryption, and make sure that the machine that's running the server is the only one with the identity file. The TLS protocol makes sure that the server you're connecting to is the one that has the server's certificate. It also prevents man-in-the-middle attacks, where another machine pretends to be the server's machine and connects to the real server itself to find out the "secret", passing it on to the clients, who then think it is the real server.

MCMartin
Participant

Based on the comments so far you will have to decide by yourself how much effort is necessary to get to a rational level of security. No lock is unbreakable, it is often more the question of how much effort do I have to invest to break the lock and is it feasible compared to the investment necessary to buy a valid license. As always it is a trade-off. So the suggestions provided to you so far are in my opinion all sufficient to prevent a simple copy and paste attack. Which means using any of them will prevent a normal IT-staff from just copying your system to another server and gaining a duplicate without your knowledge.

0 Kudos

Well, I'm trying to find an answer myself but nothing came to my head simpler than this yet:

call xp_cmdshell('getmac > tmp_mac.txt');
select cast (xp_read_file('tmp_mac.txt') as long varchar) into @s;
// parse @s
VolkerBarth
Contributor
0 Kudos

If you suspect malicious users, they surely are able to check which files your database is using (say, with SysInternals monitoring tools), and it might be not too difficult to replace the file with one with the wanted MAC address...

MCMartin
Participant
0 Kudos

Most network drivers allow you to set the MAC-Adress explicitly, much easier than changing the file.

0 Kudos

Well, thank you for all your answers. This kind of evaluation policy will be rejected.

MCMartin
Participant
0 Kudos

Create a special file in the filesystem as an indicator for the valid machine and use CREATE SERVER statement to create a directory access server, then you can easily check with a proxy table and a simple select if your "license file" exists on the database server machine.

0 Kudos

Very easy to break ;).

MCMartin
Participant
0 Kudos

Correct, but on the same level as cheating the MAC-Address