Re: hostname

To: debian-user@lists.debian.org
Subject: Re: hostname
From: David Wright <deblis@lionunicorn.co.uk>
Date: Tue, 3 Apr 2018 10:31:57 -0500
Message-id: <[🔎] 20180403153157.GB8281@alum>
Reply-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 6ac3ef92-7517-ef8b-ff2f-cf0416c22776@mail.com>
References: <f000b06f310fd79143db19a7c5ec9adc.squirrel@_> <20180219163246.ieubnhkkvrstwwm7@eeg.ccf.org> <d31200ad-7076-2334-c44d-77dbbf4dfc74@walnut.gen.nz> <20180221140341.ll7efjof33lgheug@eeg.ccf.org> <20180330163053.GC7013@alum> <[🔎] 6ac3ef92-7517-ef8b-ff2f-cf0416c22776@mail.com>

On Tue 03 Apr 2018 at 08:39:31 (+0200), john doe wrote:
> On 3/30/2018 6:30 PM, David Wright wrote:
> >On Wed 21 Feb 2018 at 09:03:41 (-0500), Greg Wooledge wrote:
> >>On Wed, Feb 21, 2018 at 01:48:32PM +1300, Richard Hector wrote:
> >>>On 20/02/18 05:32, Greg Wooledge wrote:
> >>>>You appear to be concerned that your hostname contains secret information,
> >>>>and that having your hostname "leaked" to the rest of the world will be
> >>>>an issue for you?
> >>>>
> >>>>If that's the case, try not putting secret information into your
> >>>>hostname.  E.g. naming your machine my_mothers_maiden_name_is_johnson
> >>>>might be a bad idea.
> >>>
> >>>I haven't been following the thread, but to be fair hostnames could
> >>>sometimes contain info that you might not want to spread around
> >>>unnecessarily. Eg "pg1-linode-tx" might be a useful hostname for your
> >>>first Texas DB VM, but you might not want to reveal that much info to
> >>>the whole world.
> >>
> >>Then don't choose that hostname.  That's the entire point I'm trying
> >>to make.  In Debian, you get to choose what your hostname is.  If you
> >>want it to be as meaningless as possible, use something like pwgen to
> >>generate a random string for you.
> >>
> >>Why this is even being *discussed* is beyond me.  I still don't understand
> >>the OP's rants.  Maybe it's a Windows-user thing?
> >
> >It may simply be that the OP has read RFC 8117.
> >Section 5 could cause consternation to john doe!
> 
> This only applies to server facing internet if my understanding is correct.

Difficult to reconcile this with the RFC's:
  "Suppose an adversary wants to track the people connecting to a
   specific Wi-Fi hot spot, for example, in a railroad station. Assume
   that the adversary is able to retrieve the hostname used by a
   specific laptop.  That, in itself, might not be enough to identify
   the laptop's owner.  Suppose, however, that the adversary observes
   that the laptop name is "dthaler-laptop" and that the laptop has
   established a VPN connection to the Microsoft corporate network. The
   two pieces of information, put together, firmly point to Dave Thaler,
   employed by Microsoft.  The identification is successful."

Difficult to reconcile this with §5's:
   "There are several ways to remedy the hostname practices.  We could
   instruct people to just turn off any protocol that leaks hostnames,
   at least when they visit some "insecure" place."

Cheers,
David.

Reply to:

References:
- Re: hostname
  - From: john doe <johndoe65534@mail.com>

Prev by Date: Re: What is the universal (world wide) understanding behind degaussing harddisks?
Next by Date: Re: What is the universal (world wide) understanding behind degaussing harddisks?
Previous by thread: Re: hostname
Next by thread: Clarification of "Debian GNU/Linux Installation Guide" Section 4.3.3.2
Index(es):
- Date
- Thread