1
0
mirror of https://github.com/PrivSec-dev/privsec.dev synced 2024-12-22 04:41:33 -05:00

Make MAC Randomization easier to follow

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2022-08-25 07:51:33 -04:00 committed by tommytran732
parent 961bb0062b
commit 09862e365a
No known key found for this signature in database
GPG Key ID: 060B29EB996BD9F2

View File

@ -36,7 +36,22 @@ Many desktop Linux distributions (Fedora, openSUSE, etc) will come with [Network
It is possible to [randomize](https://fedoramagazine.org/randomize-mac-address-nm/) the [MAC address](https://en.wikipedia.org/wiki/MAC_address) when using NetworkManager. This provides a bit more privacy on Wi-Fi networks as it makes it harder to track specific devices on the network youre connected to. It does [**not**](https://papers.mathyvanhoef.com/wisec2016.pdf) make you anonymous.
I recommend changing the setting to **random** instead of **stable**, as suggested in the [article](https://fedoramagazine.org/randomize-mac-address-nm/).
If you use NetworkManager, add the following to your `/etc/NetworkManager/conf.d/00-macrandomize.conf`
```
[device]
wifi.scan-rand-mac-address=yes
[connection]
wifi.cloned-mac-address=random
ethernet.cloned-mac-address=random
connection.stable-id=${CONNECTION}/${BOOT}
```
Then, restart your NetworkManager service:
```
systemctl restart NetworkManager
```
If you are using [systemd-networkd](https://en.wikipedia.org/wiki/Systemd#Ancillary_components), you will need to set [`MACAddressPolicy=random`](https://www.freedesktop.org/software/systemd/man/systemd.link.html#MACAddressPolicy=) which will enable [RFC 7844 (Anonymity Profiles for DHCP Clients)](https://www.freedesktop.org/software/systemd/man/systemd.network.html#Anonymize=).