How deterministic is UuidCreateSequential with respect to the MAC Address? - mac-address

My understanding is that on Windows systems in XP, Vista, and Win7, and on the server products based on the same kernels, the UuidCreateSequential() Win32 API call makes use of one of the MAC addresses on the system to generate the UUID, and places that value at the tail end of the generated GUID.
My question is, given that the configuration set of network devices does not change, does UuidCreateSequential always choose the same MAC address each time?

You cannot rely on the same MAC address being used. From the RFC:
4.1.6. Node
For UUID version 1, the node field
consists of an IEEE 802 MAC
address, usually the host address.
For systems with multiple IEEE 802
addresses, any available one can be
used.

Related

MAC Address as Serial Number in Embedded Systems

Is it safe to use the MAC address as the serial number of a microcontroller in embedded systems? Is it a security threat or can it be duplicated perhaps? (Usually through software from what I read).
MAC Addresses are generated randomly by the manufacturer but as far as I understood there is a slight chance (0.000001% perhaps) that the MAC Address will be duplicate. i.e. it is not entirely unique.

How can I determine that a MAC address belongs to a VPN?

While launching ipconfig /all, I can see the description and the physical address (MAC address) of the computers on my computer:
...
Description : Intel ...
Physical address : 48-4D-...
...
Description : Teamviewer VPN adapter
Physical address : 00-FF-...
From the description, I can see which MAC address belongs to my PC and which one belongs to the VPN adapter.
Can I also find this out without reading the description? Is there a way to distinguish VPN related MAC address from "real" ones? (A Windows API answer is preferred, if possible)
There are databases for the MAC addresses, for example from Wireshark.
Since my powershell is utterly bad, I just wrote a small program to iterate over this list and check for a match in the file by Wireshark.
You may check it out and modify as you want: https://github.com/maio290/MacChecker
If no vendor is found for the device, I guess you can assume that this device is a virutal one.

Are MAC addresses required to be globally unique? If so why?

I am unable to understand the necessity of having a globally unique MAC address on a network card. Since TCP/IP protocol suite uses MAC address for machine identification only within the network, in my view MAC should be unique locally and not globally.
I will be grateful for explanation of requirement of MAC being unique globally.

CPU identifier under windows, gnu/linux, macosx

In order to recognize a computer in a certain manner (MAC adress not appropriate for some cases, disk ID or hostname neither etc.), I would like to detect a CPU id (or first CPU core id)... How can I achieve this on different platforms? (not necessarily in manner that is robust to OS change on the same computer)
Thanks
The CPU id identifies the processor model, and isn't unique to each computer. See: http://en.wikipedia.org/wiki/CPUID
The MAC address is usually the best way to uniquely identify a system.

Preinstalling WinXP USB drivers to be able to connect device without interaction

We are a small hardware manufacturer. Most of our products use USB for programming the controllers used.
The current situation is that programming the hardware (part of the assembly processor) is rather labour intensive.
Each time a new USB device gets plugged in Windows prompts for a driver install. This means that for each new product we have to go through a process of "no, don't go to internet" --> "yes, search automatically" --> "done". We even have to do this twice for each product.
I have been experimenting with the Windows preinstaller (DPInst), but this seems to only facilitate a succesful "yes, search automatically" part.
Is there a way to have the drivers installed fully automatically after plugging in the USB device?
Kind Regards,
Ronald
I take it your devices have a unique USB serial number, and hence each one is detected as a new device that hasn't been seen before.
If so, then the solution is this, from http://www.lvr.com/usbfaq.htm:
During device testing, we attach many
devices that are identical except for
the serial numbers. How can I prevent
Windows from asking to install a new
driver every time a device is
attached?
The method described below causes
Windows 2000 and XP to ignore a
device's serial number. It's
recommended for test environments
only.
This registry key controls whether
Windows uses or ignores device serial
numbers:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\UsbFlags]
It's possible to ignore all serial
numbers, though this approach is NOT
recommended. To ignore all serial
numbers, in the above key, change this
value to zero:
GlobalDisableSerNumGen = 1
To ignore the serial number for an
individual device, create an entry
under the above ...\UsbFlags key. The
name must start with "IgnoreHWSerNum"
followed by the vendor and product ID
of the device. A value of 1 = "disable
the serial number."
Example (Vendor ID = 0925h, Product ID
= 016Ah):
IgnoreHWSerNum0925016A= 1
An alternative hardware/firmware solution is to disable the device USB serial number during production (e.g. with a link, possibly one made by a test fixture). Without a USB serial number, Windows will assign a pseudo serial-number to the device, based on its position in the connection tree. That wouldn't be likely to change during a production run, so all devices would then be treated as identical and Windows wouldn't bother with the new driver stuff.
I had the same problem 5 years ago.
The main problem is that the installation of USB drivers after Plug&Play of the coresponding device works under the LocalSystem account. To have no security problems Microsoft allows silent installation of drivers only signed by Microsoft. Starting with Windows Server 2003 there are documented way (see http://www.microsoft.com/whdc/driver/install/authenticode.mspx).
If you have a managed corporate environment (you can prepare computers which will use your Plug&Play devices), then there are a workaround which solves the problem on Windows XP. I suggested it 5 years ago for one of my customer. It works perfect since about 5 years in environment with some of 10000 Windows XP computers.
The idea for the solution is very easy: your drivers (for example the CAT file) must be signed with the signature which
has both 1.3.6.1.5.5.7.3.3 ("Code Signing") and 1.3.6.1.4.1.311.10.3.6 ("Windows System Component Verification") OIDs as Enhanced key usage (EKU) extension
the certificate or it's parent certificate must be installed in the Machine's Root (Trusted Root Certification) or AuthRoot (Third-Party Root Certification Authorities) certificate store
If you do this on a Windows XP computer, the operating system will interpret your driver like Microsoft signed driver.
Morver you shoud insert in the registry the path to the source of the driver.

Resources