Return to Level1Techs.com

Heimdallr's Security Howto's {Randomizing your MAC and System ID}

#1

Not sure if blog is the correct place for this but I figured since its nearly standard in Kernel 4.18 id share a small tip that I use to keep myself from being tracked by means of a MAC address or hostname.

I am also working on a random UUID generation everytime I connect but it is still a WIP

You are forewarned that this comes at the cost of convenience and you will be required to relog or accept the hotspot terms and services on every connect. I value this though so Im fine with these consequences.

Also it has the advantage that in a school or university network your device is literally new on each connect. Depending on how IP addresses are issued and DHCP leases are renewed this can become problematic but at my network it works.

Now before we start if by the time you reach the end and you have a suggested improvement. I would love to hear it :slight_smile:.

Bearing this in mind lets start

Start by running the following command. I am in fedora so nano is present

sudo nano /etc/NetworkManager/conf.d/00-macrandomize.conf

This file will be blank so place the following inside.

[device]
wifi.scan-rand-mac-address=yes

[connection]
wifi.cloned-mac-address=random
ethernet.cloned-mac-address=random
connection.stable-id=${CONNECTION}/${BOOT}

note: The stable setting is useful to get the same IP address from DHCP, or a hotspot portal might remember your login status based on the MAC address. With random you will be required to re-authenticate each time. I like this setting

Now you will want to keep your hostname randomized as well to avoid tracking so here is how you do this.

sudo nano /usr/bin/newhostname

#!/usr/bin/env bash
# Description: Generate and set a random hostname on Fedora
# Requires packages "SED and AWK"

__set_random_hostname() {
  local new_hostname=$(head -n1 < <(fold -w8 < <(tr -cd 'a-z0-9' < /dev/urandom)))
  # set new hostname
  hostnamectl set-hostname "$new_hostname"
  # set new hostname in /etc/hosts
  sed -i "2 s/^.*$/127.0.1.1       $new_hostname/g" /etc/hosts
}

__set_random_hostname

Make it executable:

chmod +x /usr/bin/newhostname

Make it run at startup:

sudo nano /etc/systemd/system/newhostname.service

Place in this file

[Unit]
Description=Start Fedora 29 with a different hostname each boot
Wants=network-pre.target
Before=network-pre.target

[Service]
ExecStart=/usr/bin/newhostname
Type=oneshot

[Install]
WantedBy=multi-user.target

Now enable your tweaks and restart network services

sudo systemctl enable newhostname && sudo systemctl restart NetworkManager

Have fun and enjoy!. Realize there are some inconveniences that this will create! :smiley:

8 Likes

#2

I really like this. I was wondering if it could be changed to work on my ethernet network?

1 Like

#3

There’s also macchanger which can automatically spoof a random address on each reconnect, and also simulate a burnt-in address

2 Likes

#4

Pretty sure it’s built into fedora unless your speaking about the additional add-on package

0 Likes

#5

Its already doing it for both. See Ethernet.xxx

1 Like

#6

Sorry about that, I reread your post and see you were right.

1 Like

#7

No worries :joy::joy::rofl:

0 Likes

#8

I would like to make a system level android script at some point

2 Likes

#9

Please to all in the thread. Realize randomization of system ID can break some softwares activation of their licenses… i.e MATLAB … please check with your provider on whether continuous activation is acceptable

1 Like

#10

I’ve not done ip6, but doesn’t it include something similar?
Like to begin with, it might have used the hardware address as part of the ip address, then started to randomise it once people realised giving an private value is bad…?

1 Like

#11

I think there are privacy extensions however what I would use IP6 for is not privacy but instead uniqueness that nobody will copy

0 Likes

#12

This is nice! much likey :smiley:

1 Like