Find the answer to your Linux question:
Results 1 to 3 of 3

Thread: I'm confused

Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    I'm confused

    This whole time I thought this guy was talking about hostname as in:

    user@machine <
    But now I'm not sure if he means that or something like this:

    I'm reading this btw, this is what I'm talking about.

    DHCP Properties Upon obtaining an IP address, your DHCP client will sometimes send information about you in DHCP requests. In many cases, this includes your hostname and possibly your MAC address, but can include your operating system and DHCP version, which can potentially be very damaging to your anonymity set on your local network. Once again, much like MAC address, if you are unconcerned about your local network discovering your identity, then you probably needn't worry too much about this. However, in many cases it is necessary to obscure this information.
    Also, as part of the DHCP standard, all operating systems will provide their most recent IP address to the DHCP server. Usually this is harmless, since it is typically just an internal IP address, but if you use your laptop to DHCP directly to your ISP, it is possible it may then hand this IP to an open access point you associate to. If you are changing your MAC address to minimize risk for P2P activity, you may want to wipe previous IP leases on your router machine every time you obtain a new lease. Typically router devices have a 'release DHCP' button somewhere on the web interface. If you need to change these settings on your computer itself, follow the appropriate instructions below:

    Unfortunately under Linux, the details of DHCP client properties vary from distribution to distribution. In the general case for dhclient, the values are read from /etc/dhclient-interface.conf, but this is typically created at runtime. In Fedora, for example, only the hostname is transmitted, and this value is read from /etc/sysconfig/networks/ifcfg-ethN where N is the relevant interface number.
    Gentoo (and likely any other distro that uses dhcpcd), however, will transmit the entire OS and kernel version. One contributor suggested changing your /etc/init.d/net.eth0 (or equivalent) file to include
    [pre]VID=`fortune -o|head -c 30|tr "\"'\n" ' ' 2>/dev/null` /sbin/dhcpcd -i ${VID} ${dhcpcd_IFACE} ${IFACE} [/pre]
    Previous IP/Lease information is typically found under /var/lib/dhcp/. Blowing these files away between interface restarts (/sbin/ifdown ethN ; [change mac addr] ; [change hostname] ; rm /var/lib/dhcp/* ; /sbin/ifup ethN) should do the trick.
    Windows sends your MAC address and an OS and version string (though the version is something nonsensical, like "MSFT 5.0", which means it might not map to exact Windows versions, but some DHCP implementation version). Unfortunately, Windows also transmits hostname. I don't believe there is any way to stop this, but you should not have picked a hostname that easily identifies you anyways. Unfortunately, it can be used to correlate successive connections, which makes it easier to track you down eventually. It seems as though the utility NewSID can be used to change your hostname on the fly. Alternatively, you can edit a few registry keys.
    To kill a previous lease, usually all you have to do is go to Control Panel->Network Connections and right click on the interface, and go to Disable, and then Enable. This will blow away any previous lease state and IP address information. If you prefer the command line, ipconfig /release followed by ipconfig /renew does the trick.
    Mac OS
    Mac OS sends just the MAC address and hostname, but you should be aware that it also has some option codes that can serve to identify the OS type as well. Again, to change the hostname, issue something like sudo hostname -s "****o The Clown", and don't forget to change your mac address.
    As far as leasing/IP information, go to System Preferences->Network and select Network Port Configurations under Show:. Then, click the checkbox next to the relevant connection to disable the interface, and then click it again to enable it, and the lease will be blown away and renewed. From the command line, sudo ipconfig set en0 BOOTP followed by sudo ipconfig set en0 DHCP will essentially the same thing (of course, substitute the appropriate interface name for en0).

    If you want to be absolutely sure you have set everything properly, you can download Ethereal to monitor your network traffic. Set the filter line to bootp while a capture is running. This will display only dhcp requests and responses, which you can then inspect for information to make sure everything is OK.

    ident is the TCP identification service. It allows a remote host to determine the local username associated with any TCP connection involving that remote host. Naturally this is a concern, especially if your username reveals your true identity. So when do ident lookups happen? Well technically your machine's ident server will answer any request for a (server, client) port pair for which the destination IP is the same as the ident request source IP. However, normally is only used with FTP, SMTP and IRC traffic, if that. Some web and ssh servers also have it enabled. The best thing to do here is to kill your ident server, or add a firewall entry for port 113. Even better, you may wish to create an obfuscated or common username for regular use. Something like bob, jane, Acidburn, or ZeroCool, perhaps.

    Just trying to avoid dns leaks and whatnot. I'm hoping it's what I thought it was:

    Instead of the other hostname. Also, I've been running wireshark with the bootp filter to check to be sure tha dhcp requests and responses are ok yet so far nothing has displayed whatsoever

  2. #2
    Usually there's more than one name for a Computer.

    The Hostname the DHCP Server receives from the client usually is the Name of the PC ... it ain't user@machine nor

    Should point to a user on the computer machine.
    machine is one of the names defined for the Computer in the DNS-Server ... and some services also look at the host-name ...
    If you mean user@machine as shown in the console it's the name of the PC

    Example you can have one PC receiving Mails for different domains ... like:
    Bouth are allowed to point to the same Server, but the Server itself has different user-tables and mail-storages for these domains.
    seems like a ISP Domain name ...
    Most ISPs have a name for each Client IP, don't know what for, but that just looks like one ... ID-Number followed by the domain of the ISP

  3. #3
    Sorry but I feel more confused now. So how do I find out what dhcp properties are shown when I connect/issue dhcp requests?

  4. $spacer_open

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts