how-to block ads
|
nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
 ·AT&T U-Verse
 ·AT&T Midwest
| reply to antdude
Re: Wireless question
Sending the name seems to be a windows kind of thing.
I mostly run linux, with a statically defined IP address, and the router does not know the machine name. But when I occasionally boot to Windows, and use the same static IP address, the router knows my machine name (I use a different machine name under Windows, so I can tell it is Windows sending that).
You might be able to block all dhcp requests in a software firewall. But you would have to assign a static IP to do that. So it isn't very practical when using wireless, since you are often using wireless on networks that you don't control and must depend on DHCP to assign the IP.
--
AT&T dsl; Westell 327w modem/router; openSuSE 11.0; firefox 3.0.10 | |
antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
| said by nwrickert  :Sending the name seems to be a windows kind of thing. I mostly run linux, with a statically defined IP address, and the router does not know the machine name. But when I occasionally boot to Windows, and use the same static IP address, the router knows my machine name (I use a different machine name under Windows, so I can tell it is Windows sending that). You might be able to block all dhcp requests in a software firewall. But you would have to assign a static IP to do that. So it isn't very practical when using wireless, since you are often using wireless on networks that you don't control and must depend on DHCP to assign the IP. I wonder how one blocks Windows' name then. I know nbtstat can used if one knows the address and stuff.
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer | |
docrice
join:2008-03-31
Fremont, CA
| There are several "name leaks" (if you want to call it that) which occurs with Windows-based systems. In the DHCP Request packet, the hostname of the system is sent as option 12 (in an Active Directory directory environment, this helps the DHCP server update DNS). If dynamic DNS is supported, the client may also try to register their hostname into the DNS server and these are observable via the DNS update queries from the client.
You also have the infamous "NetBIOS" services on UDP 137 and 138 (and optionally TCP 139 which is more or less replaced via TCP 445 these days). These are legacy NetBIOS service enumeration / discovery methods for NetBIOS name suffixes (which denote the service type, whether it's a Workstation service, a PDC, etc.) which generally aren't useful unless you're running an NT 4.0 domain (almost no one these days) or you need your internal network to announce itself in such a manner due to the lack of centralized service enumeration methods (such as DNS SRV records). The Browser service on UDP 138 is there to help populate your "network neighborhood" browse list as well as help in the selection of a Master Browser, etc. (in the NetBIOS sense). All the NetBIOS stuff can be disabled under your interface's IP properties under Advanced -> WINS. You'll need to do this for each individual interface.
SMB / CIFS connections are under the "File and Printer Sharing" option, but there really isn't a "leak" in this sense since having a network share doesn't mean the machine broadcasts its availability.
Windows also tends to give itself away when you have SSDP involved running over UDP 1900. You can look that up. In Vista, you also have Link Layer Topology Discovery and other IPv6 stuff which clutters the network, although it's nice to help draw a network route diagram at a basic level. | |
-
|
