Re: [qubes-users] for people using MAC randomization (debian 9 tmpl): you might want to avoid hostname leaks via DHCP too
On Saturday, April 15, 2017 at 3:06:52 PM UTC-4, qubenix wrote: > peter...@hushmail.com: > > > > Is there a script to randomize hostname on each boot? > > > I think blank hostname is better than randomized. How would it be > randomized: dictionary words, rng, cycling popular hostnames, etc.? Your > randomization method may make you more identifiable than blank. > > -- > qubenix > GPG: B536812904D455B491DCDCDD04BE1E61A3C2E500 I was looking to use the Windows 10 naming patern for new computer: DESKTOP-XXX (7 random alphanumeric character) That would be Good :) Dominique -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20e07325-7a60-44b3-a91f-844eb900d527%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] for people using MAC randomization (debian 9 tmpl): you might want to avoid hostname leaks via DHCP too
peter...@hushmail.com: > > Is there a script to randomize hostname on each boot? > I think blank hostname is better than randomized. How would it be randomized: dictionary words, rng, cycling popular hostnames, etc.? Your randomization method may make you more identifiable than blank. -- qubenix GPG: B536812904D455B491DCDCDD04BE1E61A3C2E500 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f15d3d7e-cf63-f094-6a9e-dd5872dedb04%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] for people using MAC randomization (debian 9 tmpl): you might want to avoid hostname leaks via DHCP too
cooloutac: > On Wednesday, April 12, 2017 at 10:55:08 AM UTC-4, qubenix wrote: >> Unman: >>> On Tue, Apr 11, 2017 at 06:20:38AM -0700, Dominique St-Pierre Boucher wrote: On Monday, April 10, 2017 at 5:06:30 PM UTC-4, qubenix wrote: > qubenix: >> Andrew David Wong: >>> On 2017-04-09 15:25, Joonas Lehtonen wrote: Hi, >>> if you setup MAC randomization via network manager in a debian 9 template as described here: https://www.qubes-os.org/doc/anonymizing-your-mac-address/ you still leak your hostname. >>> Once your MAC address is randomized you might also want to prevent the disclosure of your netvm's hostname to the network, since "sys-net" might be a unique hostname (that links all your random MAC addresses and the fact that you likely use qubes). >>> To prevent the hostname leak via DHCP option (12): - start the debian 9 template - open the file /etc/dhcpd/dhclient.conf - in line number 15 you should see "send host-name = gethostname();" - comment (add "#" at the beginning) or remove that line and store the file - reboot your netvm >>> I tested the change via inspecting dhcp requests and can confirm that the hostname is no longer included in dhcp requests. >>> >>> >>> Thanks. Added as a comment: >>> >>> https://github.com/QubesOS/qubes-issues/issues/938#issuecomment-292843628 >>> >>> >> >> Nice. I was just thinking about this after spending some time on my >> routers interface. Thanks for the post! >> > > After testing this, 'sys-net' still shows up on my router interface. > > -- > qubenix > GPG: B536812904D455B491DCDCDD04BE1E61A3C2E500 Did the same test and got the same result. Anyone has a solution? I can always change my hostname for something else, but I would prefer not sending the hostname or finding a way to randomize it!!! Dominique >>> >>> Strange, because those instructions are standard for removing the >>> hostname - I set it as blank, rather than commenting out. If you sniff >>> the traffic you will see that the hostname is indeed no longer sent. >>> >>> Why is it on your router interface? >>> My guess is that your router is returning the hostname that it has >>> associated with the MAC address. I've seen this happen when changing >>> hostname, and the DHCP server returns the *old* hostname as part of >>> the DHCP exchange. If you reboot the router and test again, you may find >>> that the issue goes away. >> >> Confirmed. Router was "guessing" that I was 'sys-net', but not from MAC >> (which is randomized). I believe it was using process of elimination >> based on stored device hostnames (this is not public, devices are pretty >> static). Since restarting the router, it give my pc the hostname of a >> device which connected automatically to it (the only one it had to >> "guess" from). >> >>> >>> You could, of course, set a random hostname from rc.local on each boot of >>> sys-net. >>> >>> unman >>> >>> >> >> >> -- >> qubenix >> GPG: B536812904D455B491DCDCDD04BE1E61A3C2E500 > > But why use dhcp if its a static home connection? I feel that is a security > risk for other reasons and always disable it. > I haven't looked into the security risk for dhcp connection. I intend to look into it and adjust accordingly. Thanks for the suggestion. -- qubenix GPG: B536812904D455B491DCDCDD04BE1E61A3C2E500 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/bb62f68f-75e4-677d-462d-44b0872d72ec%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] for people using MAC randomization (debian 9 tmpl): you might want to avoid hostname leaks via DHCP too
On Wednesday, April 12, 2017 at 10:55:08 AM UTC-4, qubenix wrote: > Unman: > > On Tue, Apr 11, 2017 at 06:20:38AM -0700, Dominique St-Pierre Boucher wrote: > >> On Monday, April 10, 2017 at 5:06:30 PM UTC-4, qubenix wrote: > >>> qubenix: > Andrew David Wong: > > On 2017-04-09 15:25, Joonas Lehtonen wrote: > >> Hi, > > > >> if you setup MAC randomization via network manager in a debian 9 > >> template as described here: > >> https://www.qubes-os.org/doc/anonymizing-your-mac-address/ > >> you still leak your hostname. > > > >> Once your MAC address is randomized you might also want to prevent the > >> disclosure of your netvm's hostname to the network, since "sys-net" > >> might be a unique hostname (that links all your random MAC addresses > >> and > >> the fact that you likely use qubes). > > > >> To prevent the hostname leak via DHCP option (12): > >> - start the debian 9 template > >> - open the file /etc/dhcpd/dhclient.conf > >> - in line number 15 you should see "send host-name = gethostname();" > >> - comment (add "#" at the beginning) or remove that line and store the > >> file > >> - reboot your netvm > > > >> I tested the change via inspecting dhcp requests and can confirm that > >> the hostname is no longer included in dhcp requests. > > > > > > Thanks. Added as a comment: > > > > https://github.com/QubesOS/qubes-issues/issues/938#issuecomment-292843628 > > > > > > Nice. I was just thinking about this after spending some time on my > routers interface. Thanks for the post! > > >>> > >>> After testing this, 'sys-net' still shows up on my router interface. > >>> > >>> -- > >>> qubenix > >>> GPG: B536812904D455B491DCDCDD04BE1E61A3C2E500 > >> > >> Did the same test and got the same result. > >> > >> Anyone has a solution? I can always change my hostname for something else, > >> but I would prefer not sending the hostname or finding a way to randomize > >> it!!! > >> > >> Dominique > >> > > > > Strange, because those instructions are standard for removing the > > hostname - I set it as blank, rather than commenting out. If you sniff > > the traffic you will see that the hostname is indeed no longer sent. > > > > Why is it on your router interface? > > My guess is that your router is returning the hostname that it has > > associated with the MAC address. I've seen this happen when changing > > hostname, and the DHCP server returns the *old* hostname as part of > > the DHCP exchange. If you reboot the router and test again, you may find > > that the issue goes away. > > Confirmed. Router was "guessing" that I was 'sys-net', but not from MAC > (which is randomized). I believe it was using process of elimination > based on stored device hostnames (this is not public, devices are pretty > static). Since restarting the router, it give my pc the hostname of a > device which connected automatically to it (the only one it had to > "guess" from). > > > > > You could, of course, set a random hostname from rc.local on each boot of > > sys-net. > > > > unman > > > > > > > -- > qubenix > GPG: B536812904D455B491DCDCDD04BE1E61A3C2E500 But why use dhcp if its a static home connection? I feel that is a security risk for other reasons and always disable it. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/43eca04b-7f97-4c27-873a-1a85d2920361%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] for people using MAC randomization (debian 9 tmpl): you might want to avoid hostname leaks via DHCP too
Unman: > On Tue, Apr 11, 2017 at 06:20:38AM -0700, Dominique St-Pierre Boucher wrote: >> On Monday, April 10, 2017 at 5:06:30 PM UTC-4, qubenix wrote: >>> qubenix: Andrew David Wong: > On 2017-04-09 15:25, Joonas Lehtonen wrote: >> Hi, > >> if you setup MAC randomization via network manager in a debian 9 >> template as described here: >> https://www.qubes-os.org/doc/anonymizing-your-mac-address/ >> you still leak your hostname. > >> Once your MAC address is randomized you might also want to prevent the >> disclosure of your netvm's hostname to the network, since "sys-net" >> might be a unique hostname (that links all your random MAC addresses and >> the fact that you likely use qubes). > >> To prevent the hostname leak via DHCP option (12): >> - start the debian 9 template >> - open the file /etc/dhcpd/dhclient.conf >> - in line number 15 you should see "send host-name = gethostname();" >> - comment (add "#" at the beginning) or remove that line and store the >> file >> - reboot your netvm > >> I tested the change via inspecting dhcp requests and can confirm that >> the hostname is no longer included in dhcp requests. > > > Thanks. Added as a comment: > > https://github.com/QubesOS/qubes-issues/issues/938#issuecomment-292843628 > > Nice. I was just thinking about this after spending some time on my routers interface. Thanks for the post! >>> >>> After testing this, 'sys-net' still shows up on my router interface. >>> >>> -- >>> qubenix >>> GPG: B536812904D455B491DCDCDD04BE1E61A3C2E500 >> >> Did the same test and got the same result. >> >> Anyone has a solution? I can always change my hostname for something else, >> but I would prefer not sending the hostname or finding a way to randomize >> it!!! >> >> Dominique >> > > Strange, because those instructions are standard for removing the > hostname - I set it as blank, rather than commenting out. If you sniff > the traffic you will see that the hostname is indeed no longer sent. > > Why is it on your router interface? > My guess is that your router is returning the hostname that it has > associated with the MAC address. I've seen this happen when changing > hostname, and the DHCP server returns the *old* hostname as part of > the DHCP exchange. If you reboot the router and test again, you may find > that the issue goes away. Confirmed. Router was "guessing" that I was 'sys-net', but not from MAC (which is randomized). I believe it was using process of elimination based on stored device hostnames (this is not public, devices are pretty static). Since restarting the router, it give my pc the hostname of a device which connected automatically to it (the only one it had to "guess" from). > > You could, of course, set a random hostname from rc.local on each boot of > sys-net. > > unman > > -- qubenix GPG: B536812904D455B491DCDCDD04BE1E61A3C2E500 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9245f24a-f51e-1ea8-10d1-55d92abfd6c8%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] for people using MAC randomization (debian 9 tmpl): you might want to avoid hostname leaks via DHCP too
On Tue, Apr 11, 2017 at 06:20:38AM -0700, Dominique St-Pierre Boucher wrote: > On Monday, April 10, 2017 at 5:06:30 PM UTC-4, qubenix wrote: > > qubenix: > > > Andrew David Wong: > > >> On 2017-04-09 15:25, Joonas Lehtonen wrote: > > >>> Hi, > > >> > > >>> if you setup MAC randomization via network manager in a debian 9 > > >>> template as described here: > > >>> https://www.qubes-os.org/doc/anonymizing-your-mac-address/ > > >>> you still leak your hostname. > > >> > > >>> Once your MAC address is randomized you might also want to prevent the > > >>> disclosure of your netvm's hostname to the network, since "sys-net" > > >>> might be a unique hostname (that links all your random MAC addresses and > > >>> the fact that you likely use qubes). > > >> > > >>> To prevent the hostname leak via DHCP option (12): > > >>> - start the debian 9 template > > >>> - open the file /etc/dhcpd/dhclient.conf > > >>> - in line number 15 you should see "send host-name = gethostname();" > > >>> - comment (add "#" at the beginning) or remove that line and store the > > >>> file > > >>> - reboot your netvm > > >> > > >>> I tested the change via inspecting dhcp requests and can confirm that > > >>> the hostname is no longer included in dhcp requests. > > >> > > >> > > >> Thanks. Added as a comment: > > >> > > >> https://github.com/QubesOS/qubes-issues/issues/938#issuecomment-292843628 > > >> > > >> > > > > > > Nice. I was just thinking about this after spending some time on my > > > routers interface. Thanks for the post! > > > > > > > After testing this, 'sys-net' still shows up on my router interface. > > > > -- > > qubenix > > GPG: B536812904D455B491DCDCDD04BE1E61A3C2E500 > > Did the same test and got the same result. > > Anyone has a solution? I can always change my hostname for something else, > but I would prefer not sending the hostname or finding a way to randomize > it!!! > > Dominique > Strange, because those instructions are standard for removing the hostname - I set it as blank, rather than commenting out. If you sniff the traffic you will see that the hostname is indeed no longer sent. Why is it on your router interface? My guess is that your router is returning the hostname that it has associated with the MAC address. I've seen this happen when changing hostname, and the DHCP server returns the *old* hostname as part of the DHCP exchange. If you reboot the router and test again, you may find that the issue goes away. You could, of course, set a random hostname from rc.local on each boot of sys-net. unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20170411232447.GA18085%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] for people using MAC randomization (debian 9 tmpl): you might want to avoid hostname leaks via DHCP too
On Monday, April 10, 2017 at 5:06:30 PM UTC-4, qubenix wrote: > qubenix: > > Andrew David Wong: > >> On 2017-04-09 15:25, Joonas Lehtonen wrote: > >>> Hi, > >> > >>> if you setup MAC randomization via network manager in a debian 9 > >>> template as described here: > >>> https://www.qubes-os.org/doc/anonymizing-your-mac-address/ > >>> you still leak your hostname. > >> > >>> Once your MAC address is randomized you might also want to prevent the > >>> disclosure of your netvm's hostname to the network, since "sys-net" > >>> might be a unique hostname (that links all your random MAC addresses and > >>> the fact that you likely use qubes). > >> > >>> To prevent the hostname leak via DHCP option (12): > >>> - start the debian 9 template > >>> - open the file /etc/dhcpd/dhclient.conf > >>> - in line number 15 you should see "send host-name = gethostname();" > >>> - comment (add "#" at the beginning) or remove that line and store the > >>> file > >>> - reboot your netvm > >> > >>> I tested the change via inspecting dhcp requests and can confirm that > >>> the hostname is no longer included in dhcp requests. > >> > >> > >> Thanks. Added as a comment: > >> > >> https://github.com/QubesOS/qubes-issues/issues/938#issuecomment-292843628 > >> > >> > > > > Nice. I was just thinking about this after spending some time on my > > routers interface. Thanks for the post! > > > > After testing this, 'sys-net' still shows up on my router interface. > > -- > qubenix > GPG: B536812904D455B491DCDCDD04BE1E61A3C2E500 if you are talking about always connecting to your own router I would do a static connection, my router won't know hostname unless I use DHCP. Not sure if this is the case for most routers or not. But its good not to use dhcp for other reasons too. If you hop around public lans then this would be more of a hassle. When I first started using qubes I too didn't like how it showed sys-net as hostname cause it would be obvious you are using Qubes. Changing name is ideal, a script to randomize it would be nice too. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1b18d551-538c-4cf8-9e71-e24784562191%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] for people using MAC randomization (debian 9 tmpl): you might want to avoid hostname leaks via DHCP too
On Monday, April 10, 2017 at 5:06:30 PM UTC-4, qubenix wrote: > qubenix: > > Andrew David Wong: > >> On 2017-04-09 15:25, Joonas Lehtonen wrote: > >>> Hi, > >> > >>> if you setup MAC randomization via network manager in a debian 9 > >>> template as described here: > >>> https://www.qubes-os.org/doc/anonymizing-your-mac-address/ > >>> you still leak your hostname. > >> > >>> Once your MAC address is randomized you might also want to prevent the > >>> disclosure of your netvm's hostname to the network, since "sys-net" > >>> might be a unique hostname (that links all your random MAC addresses and > >>> the fact that you likely use qubes). > >> > >>> To prevent the hostname leak via DHCP option (12): > >>> - start the debian 9 template > >>> - open the file /etc/dhcpd/dhclient.conf > >>> - in line number 15 you should see "send host-name = gethostname();" > >>> - comment (add "#" at the beginning) or remove that line and store the > >>> file > >>> - reboot your netvm > >> > >>> I tested the change via inspecting dhcp requests and can confirm that > >>> the hostname is no longer included in dhcp requests. > >> > >> > >> Thanks. Added as a comment: > >> > >> https://github.com/QubesOS/qubes-issues/issues/938#issuecomment-292843628 > >> > >> > > > > Nice. I was just thinking about this after spending some time on my > > routers interface. Thanks for the post! > > > > After testing this, 'sys-net' still shows up on my router interface. > > -- > qubenix > GPG: B536812904D455B491DCDCDD04BE1E61A3C2E500 Did the same test and got the same result. Anyone has a solution? I can always change my hostname for something else, but I would prefer not sending the hostname or finding a way to randomize it!!! Dominique -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ec2607a9-c361-4043-b219-76e349f4a790%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] for people using MAC randomization (debian 9 tmpl): you might want to avoid hostname leaks via DHCP too
qubenix: > Andrew David Wong: >> On 2017-04-09 15:25, Joonas Lehtonen wrote: >>> Hi, >> >>> if you setup MAC randomization via network manager in a debian 9 >>> template as described here: >>> https://www.qubes-os.org/doc/anonymizing-your-mac-address/ >>> you still leak your hostname. >> >>> Once your MAC address is randomized you might also want to prevent the >>> disclosure of your netvm's hostname to the network, since "sys-net" >>> might be a unique hostname (that links all your random MAC addresses and >>> the fact that you likely use qubes). >> >>> To prevent the hostname leak via DHCP option (12): >>> - start the debian 9 template >>> - open the file /etc/dhcpd/dhclient.conf >>> - in line number 15 you should see "send host-name = gethostname();" >>> - comment (add "#" at the beginning) or remove that line and store the file >>> - reboot your netvm >> >>> I tested the change via inspecting dhcp requests and can confirm that >>> the hostname is no longer included in dhcp requests. >> >> >> Thanks. Added as a comment: >> >> https://github.com/QubesOS/qubes-issues/issues/938#issuecomment-292843628 >> >> > > Nice. I was just thinking about this after spending some time on my > routers interface. Thanks for the post! > After testing this, 'sys-net' still shows up on my router interface. -- qubenix GPG: B536812904D455B491DCDCDD04BE1E61A3C2E500 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e43a76ea-eba3-9aba-f127-eec495a7fcee%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] for people using MAC randomization (debian 9 tmpl): you might want to avoid hostname leaks via DHCP too
On 04/09/2017 06:25 PM, Joonas Lehtonen wrote: Hi, if you setup MAC randomization via network manager in a debian 9 template as described here: https://www.qubes-os.org/doc/anonymizing-your-mac-address/ you still leak your hostname. I have seen reports this change in dhcp settings did not work[1], but maybe that was a bug that was fixed. Unfortunately, the effect of these measures is likely to be limited until some changes are made for common NICs[2]. 1. https://serverfault.com/questions/557120/how-do-i-stop-a-linux-computer-from-sending-a-dhcp-hostname 2. https://arxiv.org/pdf/1703.02874v1.pdf -- Chris Laprise, tas...@openmailbox.org https://twitter.com/ttaskett PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2b189fab-45d8-146f-a403-6bf03f426b1c%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] for people using MAC randomization (debian 9 tmpl): you might want to avoid hostname leaks via DHCP too
>> Once your MAC address is randomized you might also want to prevent the >> disclosure of your netvm's hostname to the network, since "sys-net" >> might be a unique hostname (that links all your random MAC addresses and >> the fact that you likely use qubes). > >> To prevent the hostname leak via DHCP option (12): >> - start the debian 9 template >> - open the file /etc/dhcpd/dhclient.conf sorry there is a typo in the file path: correct file: /etc/dhcp/dhclient.conf >> - in line number 15 you should see "send host-name = gethostname();" >> - comment (add "#" at the beginning) or remove that line and store the file >> - reboot your netvm > >> I tested the change via inspecting dhcp requests and can confirm that >> the hostname is no longer included in dhcp requests. > > > Thanks. Added as a comment: > > https://github.com/QubesOS/qubes-issues/issues/938#issuecomment-292843628 thank you. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/da8baa69-eefc-674a-e7d6-e44c4163dabc%40openmailbox.org. For more options, visit https://groups.google.com/d/optout. signature.asc Description: OpenPGP digital signature
Re: [qubes-users] for people using MAC randomization (debian 9 tmpl): you might want to avoid hostname leaks via DHCP too
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2017-04-09 15:25, Joonas Lehtonen wrote: > Hi, > > if you setup MAC randomization via network manager in a debian 9 > template as described here: > https://www.qubes-os.org/doc/anonymizing-your-mac-address/ > you still leak your hostname. > > Once your MAC address is randomized you might also want to prevent the > disclosure of your netvm's hostname to the network, since "sys-net" > might be a unique hostname (that links all your random MAC addresses and > the fact that you likely use qubes). > > To prevent the hostname leak via DHCP option (12): > - start the debian 9 template > - open the file /etc/dhcpd/dhclient.conf > - in line number 15 you should see "send host-name = gethostname();" > - comment (add "#" at the beginning) or remove that line and store the file > - reboot your netvm > > I tested the change via inspecting dhcp requests and can confirm that > the hostname is no longer included in dhcp requests. > Thanks. Added as a comment: https://github.com/QubesOS/qubes-issues/issues/938#issuecomment-292843628 - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJY6wEhAAoJENtN07w5UDAwdI8P/2+Rl5K73adR4MiQAACLDpZj jZl9YKskHKqBUMR+m0T2LkD2yw+cGpkOXiDjypTy2eYcsPqfbp0PZnggSK/9IpKM ZjIjOmoYkm6dfp81HJbz8pqmlf6v2fEZ8CaeHqV6kZnxzlq1aqwwVwtMfrRH2Lqm HMOA5Hlh+kCCysFC1DvoaJAOL+yv1HlC0lJsCtAVMw0pJadMxNXE8+JGywyeT1sY OJ+VqOcp9sCqVta/jeWbLx/WzIjqkkDPDtVhuC9KC5uu0pg8zv76ah+nBoSbO5dO Byvj91yMsCtaDFr684Yq8YlKJLFu2TSIBoUrh5/LHOPp1QYrpOTiSjSX1tTBAYd2 pk3Sid5XxoGabSPxMHT4VF0vCQktPp4WeXjy1oRAdTyZSjx8VF9oGrZQuFzP0Fey 2Zp4nYAKXjj5Ellf89ogxObiAqmZwyMCBerFfvSEnCrtWkxdMn+8s0b9pVf2ewNe mKKW5YxyDVCpSlSmiewkUzLtihOOC7rzOanTt72ZxEpF6uwEiT8vA6V6uuEJKQrv TkQaLaXB1UnSN7mxstRVu5gi53sX1n9znBbJLiQmNcRUv/+E63Uj1biP21caOqyZ zmiffOUSUc72dJvnNsCVz9sfygTHLUKVybn5QQ0oEl1Zt4yeeFY7Cq860uEqr5lQ a6JXYZkSDeL99PRgd61w =noLw -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3c49d353-59f2-7917-9f16-e69a262b21fc%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.