Information Technology News.


The ongoing controversy on how to name internet devices

March 14, 2017

Here's something network admins have had to deal with since almost day one when the internet came to life: naming devices. And it may seem trivial at first, but it's still a topic of endless debate among the internet community.

If you absolutely must give your devices names, please don't leak them on the Web. That's the advice of one Internet Architecture Board (IAB) member, a former chair of the organization and a German computer science academic.

In an IETF RFC entitled 'Current Hostname Practice Considered Harmful' the trio (Christian Huitema, a former IAB chair; current IAB member Dave Thaler; and Rolf Winter of the Augsburg University of Applied Sciences) argue that too many internet protocols leak sufficient information to make hostnames a privacy risk.

The informational RFC (meaning it's not on the standards track, at least for now) fits in the context of the IAB's and IETF's painful work to make privacy the default stance of the World Wide Web.

“But everyone knows that a hostname and a suffix are the basis of a Fully Qualified Domain Name (FQDN). How, then, can we properly locate myhost.example.com in the DNS without names?” you may ask.

It's not DNS naming that the paper proposes replacing, but rather, all the other ways people use names that can leak. As they explain, “it is common practice to use the hostname without further qualification in a variety of applications from file sharing to network management. After all, hostnames are typically published as part of domain names and can be obtained through a variety of name lookup and discovery protocols.”

Instead, think of a device that might interest a curious person: “Donald's_Samsung_S3” or “Debra's_Bedroom”. If those names leak to the Internet, surveillance becomes significantly easier.

Worse, the phone carries that name with its owner as well, and as long as the WiFi is on, it advertises itself, meaning an attacker “can correlate the hostname with various other information extracted from traffic analysis and other information sources, and they can potentially identify the device, its properties, and its user”.

The RFC says the authors' experiments at an IETF meeting showed that with enough hostnames in a database and access to other datasets (an LDAP server on the same network, for example), “the identification of the device owner can become trivial given only partial identifiers in a hostname”.

The paper identifies the “guilty parties” – protocols that leak hostnames – as DHCP, various aspects of DNS, link-local multicast name resolution, and NetBIOS over TCP.

Some of these represent leaks inside the firewall rather than on the public Internet. But on the one hand, it's not impossible to breach or monitor networks, and on the other hand, someone logging into the enterprise network over public WiFi can be sniffed and identified even if they encrypt their traffic.

As well as avoiding naming hosts where it's not necessary, the authors suggest applying the principles of MAC address randomisation to hostnames. However, as we reported last week, that technique needs an effective implementation, and those are hard to find. Lots of things can go haywire with that, as some system admins will tell you.

Since it's almost impossible to root out every protocol that assumes a host publishes its name somewhere, the three experts suggest that operating system makers, all the way down to smartphones, allow hosts to have both a global hostname and a per-network hostname.

In that manner, if it's a named host on the Internet, that hostname doesn't necessarily map to the “my” randomised hostname. We'll keep you posted on this and other news.
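One way to realise the global plus per-network hostname idea described above, as an added example that is not taken from the RFC or from the original article. The HMAC-based derivation, the function names, the device secret and the network identifiers are all assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import re

# RFC 1123 host label: letters, digits and hyphens, 1-63 chars, alphanumeric at both ends.
LABEL_RE = re.compile(r"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$")


def per_network_hostname(device_secret: bytes, network_id: str,
                         epoch: int = 0, length: int = 12) -> str:
    """Derive a hostname that is stable on one network but unlinkable across networks.

    device_secret: random per-device key that never leaves the device (hypothetical).
    network_id:    whatever identifies the attachment point, e.g. SSID (hypothetical).
    epoch:         bump it to rotate the name on the same network.
    """
    if len(device_secret) < 16:
        raise ValueError("device secret must be at least 128 bits")
    if not 4 <= length <= 32:
        raise ValueError("length must be between 4 and 32")
    # Fixed-width epoch after a NUL separator keeps the HMAC input unambiguous.
    msg = network_id.encode("utf-8") + b"\x00" + epoch.to_bytes(8, "big")
    digest = hmac.new(device_secret, msg, hashlib.sha256).digest()
    token = base64.b32encode(digest).decode("ascii").lower().rstrip("=")
    label = "h-" + token[:length]  # carries no owner, vendor or model information
    if not LABEL_RE.match(label):
        raise ValueError("derived label is not a valid hostname")
    return label


def hostname_for(network_id: str, trusted_networks: set, global_hostname: str,
                 device_secret: bytes) -> str:
    """Announce the real (global) name only on networks the owner explicitly trusts."""
    if network_id in trusted_networks:
        return global_hostname
    return per_network_hostname(device_secret, network_id)


if __name__ == "__main__":
    # Constructed sample values, not real devices or networks.
    secret = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
    trusted = {"ssid:home"}
    for net in ("ssid:home", "ssid:airport-free-wifi", "ssid:conference"):
        print(net, "->", hostname_for(net, trusted, "debras-laptop", secret))
```

Because the name is derived rather than stored, the device presents the same label each time it returns to a network, while observers on two different networks see labels they cannot correlate without the secret.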

Source: The Internet Architecture Board.



       © IT Direction. All rights reserved.