How do I make Ubuntu system invisible to other systems on wireless network?


One thing you can do is block the protocols on your firewall. The primary protocol is SMB which uses a number of ports: 135, 137, 139, and 445. Mac computers may pick you up using avahi which runs on port 5353.

If you don't have any Samba component installed you don't need to block the SMB ports. These are the tools which handle the SMB protocol, and could make you appear as a Windows system.

A number of packages depend on avahi components, but unless you install and configure the avahi-daemon you shouldn't appear on anyone's Network list. Without the daemon you shouldn't be announcing your presence. However, if there is no DHCP server you may end up in zero-conf mode in the 169.254.0.0/16 network block. This might make you visible.

The normal network discovery tools on people's desktops only discover systems which announce their presence. I think Windows is quieter now, but each system used to broadcast their presence and identify every few minutes.

EDIT: Most systems get their address from a DHCP server. This configures them so that they can communicate with larger networks. DHCP data will also provide the address of the router to use and additional information.

Some systems are given static IP address configurations. Servers are usually configured this way, but can get a static IP configuration from DHCP.

The address block 169.254.0.0/16 has been defined for self-configuring autonomous networks. Basically this allows computers to self-discover an address for themselves. The avahi protocol allows hosts to register their name in the .local domain. This functionality is often referred to as zero-conf as no configuration is required. Windows (and Apple?) use this as a fall-back option if no other configuration works.

The avahi protocol can be used on any address range to announce available services. Apple calls this functionality Bonjour. Linux provides the avahi-daemon to announce and/or relay service lists.

EDIT2: I've done some further research with Windows, and haven't got it to show up in my Avahi browse list. (I don't have plans to run tests on an autonomous network.) This may be because I have DHCP running and Windows didn't fall back, or Windows may not register. Like WINS (Windows Internet Name Service), Zeroconf (avahi or Bonjour) maintains a list of servers and services which can easily be discovered and displayed by clients. Without add-on software Windows systems will not discover systems using Zeroconf.

DNS is not designed to provide the server/service discovery offered by either WINS or Zeroconf. Local networks may allow zone transfers from which some information may be discovered. Servers without zone discovery only provide name lookup services, but not the discovery services offered by WINS and Zeroconf. Additionally, DNS information is often statically defined, and may not include hosts configured by DHCP. DNS servers can be configured for dynamic updates which allows DHCP clients to register their names. Dynamic updates only provide name to IP address lookups. Apple systems do use this mechanism to discover servers and services. (From the documentation I have seen zeroconf is designed to provide discovery for more services than WINS.)

Another mechanism which can be used to discover systems is ARP. This only allows determining that a host is using an IP address, but not its name. ARP is not useful for a network neighborhood list. I do use arpwatch to discover rogue systems connecting to a network. arpwatch can also discover some configuration problems.
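A way to check a machine against the ports named in the answer above (135, 137, 139, 445 for SMB and 5353 for avahi), as an added example that is not part of the original answer. The function names and the sample `ss -H -tuln` output are constructed for illustration; the sketch skips sockets bound only to loopback, since those are not reachable from the wireless network.

```shell
#!/bin/sh
# Added example: flag listening sockets on the discovery ports named in the
# answer (135, 137, 139, 445 for SMB; 5353 for mDNS/avahi).

# Constructed sample of `ss -H -tuln` output (not captured from a real host).
sample_ss_output() {
cat <<'EOF'
udp   UNCONN 0      0            0.0.0.0:5353       0.0.0.0:*
udp   UNCONN 0      0      127.0.0.53%lo:53         0.0.0.0:*
udp   UNCONN 0      0       192.168.1.20:137        0.0.0.0:*
tcp   LISTEN 0      50           0.0.0.0:445        0.0.0.0:*
tcp   LISTEN 0      50          127.0.0.1:139       0.0.0.0:*
tcp   LISTEN 0      128             [::]:22            [::]:*
EOF
}

# Reads ss-style lines on stdin; prints "proto port service" for each
# discovery port reachable from the network (loopback-only binds are skipped).
discovery_listeners() {
    awk '
    {
        n = split($5, part, ":")          # local address:port is field 5
        port = part[n]                    # port is whatever follows the last colon
        addr = substr($5, 1, length($5) - length(port) - 1)
        if (addr ~ /^127\./ || addr == "[::1]") next
        if (port == 135 || port == 137 || port == 139 || port == 445)
            print $1, port, "smb"
        else if (port == 5353)
            print $1, port, "mdns"
    }'
}

# Turns the findings into ufw rules to review; prints them, applies nothing.
suggest_ufw_rules() {
    discovery_listeners | while read -r proto port _service; do
        echo "ufw deny $port/$proto"
    done
}

# Live check on this machine: ss -H -tuln | discovery_listeners
```

An empty result from the live check means nothing on the machine is listening on those ports, which matches the answer's point that without Samba or avahi-daemon there is nothing to block.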

Author: Oxwivi

Updated on September 17, 2022

Comments

  • Oxwivi
    Oxwivi over 1 year

    How can I hide my computer's presence from other system(s) on the same wireless network? Windows allows you to switch off network discovery (though I'm not sure if it affects the visibility on other OSs), and I'm seeking a similar functionality for Ubuntu and Linux.

    It seems that many of you are inclined to think that this question has something to do with shares. However, this has nothing to do with them, I simply do not want my system to be visible in the Network folder and its equivalent on other OSs.

  • Oxwivi
    Oxwivi about 13 years
    No, it's not about sharing files, refer to my first comment in the question.
  • BillThor
    BillThor about 13 years
    @Toki The Network folder usually contains systems which have joined the filesharing network. You don't have to be sharing anything to join the network. On Linux the software which does that is Samba. If it isn't installed you won't appear.
  • Oxwivi
    Oxwivi about 13 years
    Does that apply to both Linux and Windows?
  • Oxwivi
    Oxwivi about 13 years
    Please elaborate the DHCP issue, I'm not really familiar with the technical aspects.
  • Oxwivi
    Oxwivi about 13 years
    Okay, so basically, as long as I don't have avahi-daemon and SAMBA components I'm invisible. What I don't understand is, why will zero-conf state make me vulnerable to discovery? I'm just making a wild guess, but is it because the address block zero-conf uses is familiar to all systems, making it easier to find peers?
  • psusi
    psusi about 13 years
    Windows didn't used to be able to speak mDNS without third party add ons. Has this changed in Win7?
  • psusi
    psusi about 13 years
    @Toki Tahmid: Samba is Linux software to speak the Windows file sharing protocols. IIRC, on Windows, it is the Server service that makes the announcements. Or was it the Browser service?
  • BillThor
    BillThor about 13 years
    @psusi I don't believe Windows can browse without add ons. But I do see it sending packets out on port 5353 on startup. It certainly falls back to the 169.254.0.0/16 address range. I don't support the address range, and have been blocking port 5353 on my firewalls.
  • Oxwivi
    Oxwivi about 13 years
    @BillThor, can you please take note of my response in the last comment?
  • BillThor
    BillThor about 13 years
    @Oxwivi: I added a second edit with more details on discovery.
  • Oxwivi
    Oxwivi about 13 years
    So zeroconf addresses can only be found by Linux or Mac systems. Thanks for all the info, and sorry for all the troubles! Truly, I'm grateful!
  • pauljohn32
    pauljohn32 about 6 years
    In /etc/hosts.deny, put "all.all". Denies all services. Must open particular by inserting in /etc/hosts.allow. Firewall great too, can do both, but this is a more foolproof approach for me. I find easier to good with iptables