Disable device name broadcasting

security privacy

2,190

Solution 1

I always found the best way to make your PC or even you mini network disappear is to put down a firewall inside the network you are trying to hide from. It could be as simple as a cheap dlink\linksys gateway, treat the IP space on the network as the internet connection.

I would static set the WAN IP to something the local network is not going to miss. Then all the machines you want invisible can then plug into the lan portion of this device. If you wanted to go completely covert then make sure the lan ports and you mini network are on a different IP subnet entirely.

I will list a configuration below as to an example of what I mean. Now no machine will see or even be able to scan for you or any machine you put behind this device. Be sure to use the ISP DNS servers and not the local network DNS server as those requests will get logged.

Note: The only machine that can log anything about you or your traffic is the default gateway on the local network. This is tough to beat and I found the best is to establish a site to site VPN tunnel. It requires a true firewall on the network you are hiding on, a PC with linux and 2 NICs is plenty.

The next requirement is a similar PC running linux and 2 nics on a safe haven network (could be your home network). The hiding firewall will have on its one NIC using the IP and gateway of the local network. On NIC#2 will be a different IP subnet to talk to your mini hiding network. This firewall machine initiates a site to site VPN connection to its brother machine on the safe haven network.

The 2 machines will route between the 2 networks (safe haven and your new mini hiding network). The tunnel runs completely through the local network you are hiding from. All traffic sent between the 2 sites is truly invisible because it is encapsulated and encrypted over this tunnel.

Now only the VPN packets which can't be read anyway can only be seen by the gateway on the local network. Everything you do on the internet will be tunneled over to safe haven and the local gateway cannot monitor where you go or what you are doing on the internet.

As far as accessing the local network and its resources be sure to add on your firewall an exception to the routeing table. To route everything over the VPN except to route anything to the local network thru the local network interface on your firewall not the VPN interface. Again you have a different IP subnet so you can go onto that network thru your firewall but no one on that network can follow you back.

Example of the simple dlink config:

Local Area Network you wish to hide frop (these are example IP's you need to find the real ones before you do this exercise)

IF{
Their Gateway 192.168.0.1
Their subnet 255.255.255.0
Their DNS: 192.168.0.2
Their ISP DNS: 64.59.166.15
}
THEN{
Your Dlink WAN IP 192.168.0.239 (* read below how to find the right ip to use)
Your Dlink WAN GW: 192.168.0.1
Your Dlink WAN SN: 255.255.255.0
Your Dlink WAN DNS: 64.59.166.15

Your Dlink LAN IP: 192.168.13.1
Your Dlink LAN DHCP: 192.168.13.10~30
Your Dlink LAN GW: 192..168.13.1
Your Dlink LAN SN: 255.255.255.0
Your DLink LAN DNS: 64.59.166.15 (do not use their 192.168.0.2 machine as your dns - Logging)
}

How to select a good IP on the local network for your dlink unit?

I would scan the entire IP range 192.168.0.0 and see where the DHCP scope is. If all the machines are being assigned 192.168.0.10-200 then find out if this is fairly full if it is then stay out to avoid ip conflict. If not full grab an IP high in the range to avoid conflict but not so high you stand out in a ip scan.

I like to examine what lies outside the dhcp scope, typically static assign devices like network printers. Find an IP inside this scope to statically set your dlink wan port. Most of these gateway devices even allow you to change the device name so if someone did do a probe on the network make sure you pick a name that belongs in your scope, as an example change you dlink device name to HP1021PRNTSRV0001020200 Just something that looks like it belongs in the ip range you are pretending to belong to.

Solution 2

Disable NetBIOS in the options of the device.
Disable DHCP and go Static instead or set your DHCP client not to set a host name with its request.

2,190

AbtPst

Updated on September 18, 2022

Comments

AbtPst over 1 year

is there a way to exclude the first n lines of a file while loading some data on pig ?

I have a csv file that i would like to load but i have to ignore the first 3 lines.
- MaQleod almost 13 years
  
  That table is the DHCP lease table.
- jcrawfordor almost 13 years
  
  I'm curious as to why you want to disable this, because I'm pretty sure it's for a bad reason (i.e. you are trying to do something that you should do some other way). Even if you disable broadcasting of your computer's name, it will still be discoverable by it's IP address, this is necessary for the network to function.
- Sonny Ordell almost 13 years
  
  jcrawfordor, basically not all devices have hostnames, I would like to mimic not having a hostname as much as possible.
- LiMuBei about 9 years
  
  Depending on how your csv file looks CSVExcelStorage (pig.apache.org/docs/r0.12.0/api/org/apache/pig/piggybank/…) might be worth a look.
Sonny Ordell almost 13 years

On a Windows machine NetBIOS is needed, is it not? How on Windows can you tell the DHCP client not to set a host name?
Tamara Wijsman almost 13 years

If it's not possible, disable it instead and go Static. As the host name is needed by the router for handling the DHCP request and the best you could do is try to let it send a blank one using the registry, which I would consider a bad thing to do.
jcrawfordor almost 13 years

NetBIOS (which is referred to as Windows Networking) is not necessary for Windows to function, just for you to use Windows network services (SMB network file access and printing, mostly). You can disable File & Printer Sharing or something similarly worded in Windows, and I think this will stop it from broadcasting a NetBIOS identity.
user1686 almost 13 years

@jcrawfordor: NetBIOS is not necessary for file sharing to work. Starting with XP, Windows can use "raw" SMB over TCP, with DNS for name resolution. (Home routers often provide the latter.)
Sonny Ordell almost 13 years

Tom, how can the hostname be required for handling DHCP when some devices don't have hostnames?
Tamara Wijsman almost 13 years

I did not say required, but it is provided by default. Please consult sname on Page 8/9 of RFC 2131.
slhck almost 12 years

Next time, please use paragraphs to break up your text into readable chunks. Thanks!