MAC地址相当于确定ASP.NET网站的访问者 [英] MAC Address equivalent to identify ASP.NET website's visitors

问题描述

我有一个发送短信欢迎您对于其中的用户名是用户的手机号码，每个注册的用户注册页面。

I have a registration page that sends a Welcome SMS for every registered user where the username is the user's mobile number.

在的欢迎短信有一个激活code，以完成注册程序。

In the welcome SMS there is an activation code to complete the registration process.

我还使用了验证码控制，以prevent人们使用机器人。

I also uses a Captcha control to prevent people from using bots.

问题是，一些不良的用户正在使用的注册页面发送短信的，以这使我失去了信用短信随机的手机号码。

The problem is, Some bad users are using the registration page to send SMS's to random mobile numbers which makes me loses the SMS credit.

获取网站访问者的MAC地址是不可能的，如果有可能，我会加入匿名坏旅客黑名单的数据表说3种不同的未验证的手机号码后，解决问题。

Getting the MAC address of a website visitor is impossible, If it was possible, I will solve the problem by adding the anonymous bad visitors to a black list data table after say 3 different unverified mobile numbers.

我的问题是：是否有任何技术来标识ASP.NET或IIS访客。

My Question is: Is there any technique to identify a visitor in ASP.NET Or IIS.

推荐答案

您的问题是在<一个回答href=\"http://stackoverflow.com/questions/12894312/how-can-i-identify-unique-users-on-my-website-even-ip-is-changed-or-browser-data\">How我能确定的唯一用户在自己的网站甚至IP地址改变或浏览器的数据已被清除？和<一个href=\"http://stackoverflow.com/questions/216542/how-do-i-uniquely-identify-computers-visiting-my-web-site\">How我做的唯一标识计算机访问我的网站？。它可以通过将IP地址和'浏览器指纹来完成。

Your question is answered in How can I Identify unique users on my website even IP is changed or browser data has been cleared? and How do I uniquely identify computers visiting my web site?. It can be done by combining the IP address and 'browser fingerprint'.

虽然这可能是不够的，我怀疑是恶意的用户会尽一切可能将不被这些方法检测。他们可以使用代理服务器，僵尸网络，或者其他匿名者Tor这样为每个请求更改IP地址，他们可以伪造其为伪随机浏览器的请求。

While this may be enough, I suspect that the malicious users will do anything possible to be not detected by these techniques. They can use a proxy server, a botnet, or other anonymizers like Tor to change IP address for every request, and they can craft their requests to fake random browsers.

要最终解决这个问题，例如，你可以做一个验证位为每个用户，在这里你只给他们发短信，您已经验证他们的帐户后。

To ultimately overcome this issue, you can for example make a Verified bit for each user, where you'll only send them an SMS after you have verified their account.

这篇关于MAC地址相当于确定ASP.NET网站的访问者的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！