“UbuntuHelp:AnonymizingNetworkMACAddresses”的版本间的差异
来自Ubuntu中文
小 (新页面: {{From|https://help.ubuntu.com/community/AnonymizingNetworkMACAddresses}} {{Languages|UbuntuHelp:AnonymizingNetworkMACAddresses}} Skill: ''Intermediate'' Complexity: ''Minimal'' Est``Ti...) |
小 |
||
第1行: | 第1行: | ||
{{From|https://help.ubuntu.com/community/AnonymizingNetworkMACAddresses}} | {{From|https://help.ubuntu.com/community/AnonymizingNetworkMACAddresses}} | ||
{{Languages|UbuntuHelp:AnonymizingNetworkMACAddresses}} | {{Languages|UbuntuHelp:AnonymizingNetworkMACAddresses}} | ||
− | |||
− | |||
Skill: ''Intermediate'' | Skill: ''Intermediate'' | ||
Complexity: ''Minimal'' | Complexity: ''Minimal'' | ||
Est``Time``To``Complete: ''0.5 Hours'' | Est``Time``To``Complete: ''0.5 Hours'' | ||
− | |||
== Randomized Network MAC Address == | == Randomized Network MAC Address == | ||
− | |||
You leak information about yourself everytime you associate to a network. Your computers network hardware contains an encoded, unique and serialized hexadecimal address. The MAC address is used by routers and switches on networks to direct traffic to and from your laptop. | You leak information about yourself everytime you associate to a network. Your computers network hardware contains an encoded, unique and serialized hexadecimal address. The MAC address is used by routers and switches on networks to direct traffic to and from your laptop. | ||
− | |||
Randomizing the MAC address your network hardware reports affords some level of anonymity and privacy. | Randomizing the MAC address your network hardware reports affords some level of anonymity and privacy. | ||
− | |||
'''CAUTION!:''' While MAC address randomization may afford some degree of anonymity and privacy, your network traffic activity may identify you. Additionally, if you fully randomize your MAC address, you may report such bizzare hardware vendor ids as to be quite conspicuous. | '''CAUTION!:''' While MAC address randomization may afford some degree of anonymity and privacy, your network traffic activity may identify you. Additionally, if you fully randomize your MAC address, you may report such bizzare hardware vendor ids as to be quite conspicuous. | ||
− | |||
Commands in this guide assume you have sudo'ed root. i.e., '' sudo -i'' after each terminal login. | Commands in this guide assume you have sudo'ed root. i.e., '' sudo -i'' after each terminal login. | ||
− | |||
== Install NetworkManager == | == Install NetworkManager == | ||
− | |||
You likely have it installed already and can skip this step. To check `ls /etc/NetworkManager` which should return at least `dispatcher.d`. If you don't have it installed already, load it. | You likely have it installed already and can skip this step. To check `ls /etc/NetworkManager` which should return at least `dispatcher.d`. If you don't have it installed already, load it. | ||
− | |||
<pre><nowiki> | <pre><nowiki> | ||
apt-get install network-manager | apt-get install network-manager | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
== Install MACCHANGER == | == Install MACCHANGER == | ||
− | |||
The package `macchanger` is in the `Networking (universe)`. Install it. | The package `macchanger` is in the `Networking (universe)`. Install it. | ||
− | |||
<pre><nowiki> | <pre><nowiki> | ||
apt-get install macchanger | apt-get install macchanger | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
== Create the Randomizer Trigger == | == Create the Randomizer Trigger == | ||
− | |||
Utilizing Network-Manager's methods to trigger events when a network interface changes state, place the `macchanger` script into `/etc/network/if-pre-up.d`. | Utilizing Network-Manager's methods to trigger events when a network interface changes state, place the `macchanger` script into `/etc/network/if-pre-up.d`. | ||
− | |||
<pre><nowiki> | <pre><nowiki> | ||
vi /etc/network/if-pre-up.d/macchanger | vi /etc/network/if-pre-up.d/macchanger | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
Don't change ''$IFACE''. It is a reference provided by Network``Manager for the particular activated interface. | Don't change ''$IFACE''. It is a reference provided by Network``Manager for the particular activated interface. | ||
− | |||
<pre><nowiki> | <pre><nowiki> | ||
#!/bin/sh | #!/bin/sh | ||
− | |||
# Radomize the mac address for the given interface | # Radomize the mac address for the given interface | ||
/usr/bin/macchanger -e $IFACE | /usr/bin/macchanger -e $IFACE | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
== Interface State Change == | == Interface State Change == | ||
− | |||
Now everytime ''any'' managed interface is activated, as it passes through the ''pre-up'' phase, the network MAC address will be randomized under the ''VENDOR'' id. | Now everytime ''any'' managed interface is activated, as it passes through the ''pre-up'' phase, the network MAC address will be randomized under the ''VENDOR'' id. | ||
− | |||
== Fully Random == | == Fully Random == | ||
− | |||
If you desire a completely random MAC address change the `-e` in the `macchanger` script to `-r`. There are additional switches you may consider. `man macchanger`. | If you desire a completely random MAC address change the `-e` in the `macchanger` script to `-r`. There are additional switches you may consider. `man macchanger`. | ||
− | |||
== Anonymity, Privacy, Detection == | == Anonymity, Privacy, Detection == | ||
− | |||
'''CAUTION!:''' While MAC address randomization may afford some degree of anonymity and privacy, your network traffic activity may identify you. Additionally, if you fully randomize your MAC address, you may report such bizzare hardware vendor ids as to be quite conspicuous. | '''CAUTION!:''' While MAC address randomization may afford some degree of anonymity and privacy, your network traffic activity may identify you. Additionally, if you fully randomize your MAC address, you may report such bizzare hardware vendor ids as to be quite conspicuous. | ||
− | |||
== DHCP and Other Considerations == | == DHCP and Other Considerations == | ||
− | |||
'''WARNING!:''' DHCP reservations generally rely on a MAC address to reserve a particular IP address assignment. If you randomize your MAC address you will break your reservation. | '''WARNING!:''' DHCP reservations generally rely on a MAC address to reserve a particular IP address assignment. If you randomize your MAC address you will break your reservation. | ||
− | |||
'''WARNING!:''' Any networking application or device which relies on your unique MAC address will break since randomizing it will return a different value every time the interface is activate. | '''WARNING!:''' Any networking application or device which relies on your unique MAC address will break since randomizing it will return a different value every time the interface is activate. | ||
− | |||
=== Special Mix Cases with Roaming Profiles === | === Special Mix Cases with Roaming Profiles === | ||
− | |||
For the times when you trust your network and need to report the actual/physical network MAC address you have the option of using Self:RoamingProfilesWithNetworkManager. You would relocate the `macchanger` script to the `if-pre-up.d` for the given profiles. So, when on the home network you could modify the `macchanger` script to use `-m XX:XX:XX:XX:XX:XX` to force the actual/constant MAC address. And, when on any other network run `macchanger` in random mode. | For the times when you trust your network and need to report the actual/physical network MAC address you have the option of using Self:RoamingProfilesWithNetworkManager. You would relocate the `macchanger` script to the `if-pre-up.d` for the given profiles. So, when on the home network you could modify the `macchanger` script to use `-m XX:XX:XX:XX:XX:XX` to force the actual/constant MAC address. And, when on any other network run `macchanger` in random mode. | ||
− | |||
With roaming profiles you could still accomodate DHCP reservations or special application/hardware requirements. | With roaming profiles you could still accomodate DHCP reservations or special application/hardware requirements. | ||
− | |||
== Creative Commons License == | == Creative Commons License == | ||
− | |||
Author: James B. Crocker | Author: James B. Crocker | ||
− | |||
EMail: [email protected] | EMail: [email protected] | ||
− | |||
[http://i.creativecommons.org/l/by-sa/3.0/88x31.png] | [http://i.creativecommons.org/l/by-sa/3.0/88x31.png] | ||
− | |||
This work is licensed under a [http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-Share Alike 3.0 License]. | This work is licensed under a [http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-Share Alike 3.0 License]. | ||
− | |||
---- | ---- | ||
[[category:CategoryDocumentation]] [[category:CategorySecurity]] | [[category:CategoryDocumentation]] [[category:CategorySecurity]] | ||
[[category:UbuntuHelp]] | [[category:UbuntuHelp]] |
2007年11月30日 (五) 15:21的版本
点击翻译: |
English |
请不要直接编辑翻译本页,本页将定期与来源同步。 |
Skill: Intermediate Complexity: Minimal Est``Time``To``Complete: 0.5 Hours
目录
Randomized Network MAC Address
You leak information about yourself everytime you associate to a network. Your computers network hardware contains an encoded, unique and serialized hexadecimal address. The MAC address is used by routers and switches on networks to direct traffic to and from your laptop. Randomizing the MAC address your network hardware reports affords some level of anonymity and privacy. CAUTION!: While MAC address randomization may afford some degree of anonymity and privacy, your network traffic activity may identify you. Additionally, if you fully randomize your MAC address, you may report such bizzare hardware vendor ids as to be quite conspicuous. Commands in this guide assume you have sudo'ed root. i.e., sudo -i after each terminal login.
Install NetworkManager
You likely have it installed already and can skip this step. To check `ls /etc/NetworkManager` which should return at least `dispatcher.d`. If you don't have it installed already, load it.
apt-get install network-manager
Install MACCHANGER
The package `macchanger` is in the `Networking (universe)`. Install it.
apt-get install macchanger
Create the Randomizer Trigger
Utilizing Network-Manager's methods to trigger events when a network interface changes state, place the `macchanger` script into `/etc/network/if-pre-up.d`.
vi /etc/network/if-pre-up.d/macchanger
Don't change $IFACE. It is a reference provided by Network``Manager for the particular activated interface.
#!/bin/sh # Radomize the mac address for the given interface /usr/bin/macchanger -e $IFACE
Interface State Change
Now everytime any managed interface is activated, as it passes through the pre-up phase, the network MAC address will be randomized under the VENDOR id.
Fully Random
If you desire a completely random MAC address change the `-e` in the `macchanger` script to `-r`. There are additional switches you may consider. `man macchanger`.
Anonymity, Privacy, Detection
CAUTION!: While MAC address randomization may afford some degree of anonymity and privacy, your network traffic activity may identify you. Additionally, if you fully randomize your MAC address, you may report such bizzare hardware vendor ids as to be quite conspicuous.
DHCP and Other Considerations
WARNING!: DHCP reservations generally rely on a MAC address to reserve a particular IP address assignment. If you randomize your MAC address you will break your reservation. WARNING!: Any networking application or device which relies on your unique MAC address will break since randomizing it will return a different value every time the interface is activate.
Special Mix Cases with Roaming Profiles
For the times when you trust your network and need to report the actual/physical network MAC address you have the option of using Self:RoamingProfilesWithNetworkManager. You would relocate the `macchanger` script to the `if-pre-up.d` for the given profiles. So, when on the home network you could modify the `macchanger` script to use `-m XX:XX:XX:XX:XX:XX` to force the actual/constant MAC address. And, when on any other network run `macchanger` in random mode. With roaming profiles you could still accomodate DHCP reservations or special application/hardware requirements.
Creative Commons License
Author: James B. Crocker EMail: [email protected] [1] This work is licensed under a Creative Commons Attribution-Share Alike 3.0 License.