mirror of
https://github.com/PrivSec-dev/privsec.dev
synced 2024-11-17 12:01:35 -05:00
Make MAC Randomization easier to follow
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
parent
961bb0062b
commit
09862e365a
@ -36,7 +36,22 @@ Many desktop Linux distributions (Fedora, openSUSE, etc) will come with [Network
|
|||||||
|
|
||||||
It is possible to [randomize](https://fedoramagazine.org/randomize-mac-address-nm/) the [MAC address](https://en.wikipedia.org/wiki/MAC_address) when using NetworkManager. This provides a bit more privacy on Wi-Fi networks as it makes it harder to track specific devices on the network you’re connected to. It does [**not**](https://papers.mathyvanhoef.com/wisec2016.pdf) make you anonymous.
|
It is possible to [randomize](https://fedoramagazine.org/randomize-mac-address-nm/) the [MAC address](https://en.wikipedia.org/wiki/MAC_address) when using NetworkManager. This provides a bit more privacy on Wi-Fi networks as it makes it harder to track specific devices on the network you’re connected to. It does [**not**](https://papers.mathyvanhoef.com/wisec2016.pdf) make you anonymous.
|
||||||
|
|
||||||
I recommend changing the setting to **random** instead of **stable**, as suggested in the [article](https://fedoramagazine.org/randomize-mac-address-nm/).
|
If you use NetworkManager, add the following to your `/etc/NetworkManager/conf.d/00-macrandomize.conf`
|
||||||
|
```
|
||||||
|
[device]
|
||||||
|
wifi.scan-rand-mac-address=yes
|
||||||
|
|
||||||
|
[connection]
|
||||||
|
wifi.cloned-mac-address=random
|
||||||
|
ethernet.cloned-mac-address=random
|
||||||
|
connection.stable-id=${CONNECTION}/${BOOT}
|
||||||
|
```
|
||||||
|
|
||||||
|
Then, restart your NetworkManager service:
|
||||||
|
|
||||||
|
```
|
||||||
|
systemctl restart NetworkManager
|
||||||
|
```
|
||||||
|
|
||||||
If you are using [systemd-networkd](https://en.wikipedia.org/wiki/Systemd#Ancillary_components), you will need to set [`MACAddressPolicy=random`](https://www.freedesktop.org/software/systemd/man/systemd.link.html#MACAddressPolicy=) which will enable [RFC 7844 (Anonymity Profiles for DHCP Clients)](https://www.freedesktop.org/software/systemd/man/systemd.network.html#Anonymize=).
|
If you are using [systemd-networkd](https://en.wikipedia.org/wiki/Systemd#Ancillary_components), you will need to set [`MACAddressPolicy=random`](https://www.freedesktop.org/software/systemd/man/systemd.link.html#MACAddressPolicy=) which will enable [RFC 7844 (Anonymity Profiles for DHCP Clients)](https://www.freedesktop.org/software/systemd/man/systemd.network.html#Anonymize=).
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user