Unique machine name warning
26 August 2003, 09:27 AM
#1
Scooby Regular
Thread Starter
Join Date: Oct 1999
Posts: 3,491
Likes: 0
Received 0 Likes
on
0 Posts
Sorry if this has been asked before, but when I checked Shields Up last time, it warned about my reverse DNS machine name being "visible"
Went back a week later after rebooting a few times, forced a new lease with winipcfg etc, but still have the same machine name.
This would indeed then behave like a supercookie, which is clearly not what I want.
Can I hide/spoof this machine name ? Or do I have to ask my cable company to change their DNS assignment (yeah, like they will react
)
Thanks,
Theo
Went back a week later after rebooting a few times, forced a new lease with winipcfg etc, but still have the same machine name.
This would indeed then behave like a supercookie, which is clearly not what I want.
Can I hide/spoof this machine name ? Or do I have to ask my cable company to change their DNS assignment (yeah, like they will react
)Thanks,
Theo
26 August 2003, 09:28 AM
#2
Scooby Regular
Thread Starter
Join Date: Oct 1999
Posts: 3,491
Likes: 0
Received 0 Likes
on
0 Posts
26 August 2003, 09:33 AM
#3
Scooby Regular
Join Date: Jun 2000
Posts: 13,735
Likes: 0
Received 0 Likes
on
0 Posts
Theo,
All this means is that your IP address has a unique DNS name assigned to it, that's all.
You know how DNS works: name to IP address... This means that your current IP address can be looked up in reverse to give a name.
This is emphatically not a problem IMHO, Shields Up! is a tad on the paranoid side of things for some minor points, and is a tad free and easy with others.
You might find that your ISP has a pool of addresses for dial-up, such as "dial13.dialup.xyzisp.org" and similar for dsl, such as "81.x.x.x.dsl.pipex.com". Not giving much away, is it?
These are really not a problem and can be useful in some circumstances. Virii that spread through TCP/IP normally randomly generate IP addresses, not bothering to look through DNS for 'em IIRC.
Cheers,
Nick.
[Edited by chiark - 8/26/2003 9:35:34 AM]
All this means is that your IP address has a unique DNS name assigned to it, that's all.
You know how DNS works: name to IP address... This means that your current IP address can be looked up in reverse to give a name.
This is emphatically not a problem IMHO, Shields Up! is a tad on the paranoid side of things for some minor points, and is a tad free and easy with others.
You might find that your ISP has a pool of addresses for dial-up, such as "dial13.dialup.xyzisp.org" and similar for dsl, such as "81.x.x.x.dsl.pipex.com". Not giving much away, is it?
These are really not a problem and can be useful in some circumstances. Virii that spread through TCP/IP normally randomly generate IP addresses, not bothering to look through DNS for 'em IIRC.
Cheers,
Nick.
[Edited by chiark - 8/26/2003 9:35:34 AM]
26 August 2003, 09:41 AM
#5
Scooby Regular
Thread Starter
Join Date: Oct 1999
Posts: 3,491
Likes: 0
Received 0 Likes
on
0 Posts
Nick,
Thanks, it's not like I'm worried out of my mind
but...
It does enable tracking sites to see where you go, what sites you visit, intrests etc.
Cookies can't do that as they are only "visible" to the site that initiated it, but having a permanent fixed DNS name does.
I am having problem with one site that seems to break through webwasher (http://www.8ad.com) whilst visiting totally unrelated websites (and no, they don't all do **** ).
I would rather prefer having a non-fixed machine name.
Thanks, it's not like I'm worried out of my mind
but...It does enable tracking sites to see where you go, what sites you visit, intrests etc.
Cookies can't do that as they are only "visible" to the site that initiated it, but having a permanent fixed DNS name does.
I am having problem with one site that seems to break through webwasher (http://www.8ad.com) whilst visiting totally unrelated websites (and no, they don't all do ****
).I would rather prefer having a non-fixed machine name.
26 August 2003, 09:56 AM
#6
Scooby Senior
Join Date: Feb 2000
Posts: 8,204
Likes: 0
Received 0 Likes
on
0 Posts
Theo
You can use an anonymous proxy to hide all the reverse DNS/machine name stuff.
http://anon.inf.tu-dresden.de/index_en.html is one of the more reliable ones.
The shields up test was unable to do the reverse DNS trick once i'd installed it. The proxy's seem fairly quick with a small performance hit on my 1mbs connection.
[Edited by Neil Smalley - 8/26/2003 10:35:46 AM]
You can use an anonymous proxy to hide all the reverse DNS/machine name stuff.
http://anon.inf.tu-dresden.de/index_en.html is one of the more reliable ones.
The shields up test was unable to do the reverse DNS trick once i'd installed it. The proxy's seem fairly quick with a small performance hit on my 1mbs connection.
[Edited by Neil Smalley - 8/26/2003 10:35:46 AM]
26 August 2003, 09:57 AM
#7
Scooby Regular
Join Date: Jun 2000
Posts: 13,735
Likes: 0
Received 0 Likes
on
0 Posts
Don't quite get you, but that could be down to me not quite thinking it through. 
A "tracking" web site will only see that the request to the site is from your ip address and be able to look up the name. It can't see where you're going, or where you've been unless a page explicitly interacts with it: it can only see the request you make of it.
A site can do nothing more through having the ability to reverse DNS to a unique name, unless it can access the server logs of disparate web servers, and that would need collusion from the websites... However, that's a moot point as it would also be possible to track you via the IP address alone, so the unique dns entry means **** all
The IP address is always there... Reverse DNS gives nothing extra IMHO. Using RIPE you can always find out who an IP address belongs to. That's all your DNS is probably giving out - the name of your ISP and some pool entry, or something equally useless... Either way, IMHO it ain't a problem at all.
Either I've missed the point / don't know the appropriate technology about how a site could track you further with a unique DNS name rather than just having an IP address (which you'll always give out, comms wouldn't work without it as you know), or someone's feeding you bull**** as to the implications of a properly configured DNS. FWIW, I think technology to track would be technically impossible to implement given my understanding of how things work.
Cheers,
Nick.
(currently 81-86-249-4.dsl.pipex.com for what it's worth )
A "tracking" web site will only see that the request to the site is from your ip address and be able to look up the name. It can't see where you're going, or where you've been unless a page explicitly interacts with it: it can only see the request you make of it.
A site can do nothing more through having the ability to reverse DNS to a unique name, unless it can access the server logs of disparate web servers, and that would need collusion from the websites... However, that's a moot point as it would also be possible to track you via the IP address alone, so the unique dns entry means **** all
The IP address is always there... Reverse DNS gives nothing extra IMHO. Using RIPE you can always find out who an IP address belongs to. That's all your DNS is probably giving out - the name of your ISP and some pool entry, or something equally useless... Either way, IMHO it ain't a problem at all.
Either I've missed the point / don't know the appropriate technology about how a site could track you further with a unique DNS name rather than just having an IP address (which you'll always give out, comms wouldn't work without it as you know), or someone's feeding you bull**** as to the implications of a properly configured DNS. FWIW, I think technology to track would be technically impossible to implement given my understanding of how things work.
Cheers,
Nick.
(currently 81-86-249-4.dsl.pipex.com for what it's worth
)
Trending Topics
26 August 2003, 10:34 AM
#8
Scooby Regular
Can't track you at all using reverse DNS, in fact if you didn't have any reverse you may not be able to get your mail, depending on how your ISPs mailserver is set up. Nothing to worry about in the slightest, all A records should have a reverse PTR record, just most hostmasters don't bother.
26 August 2003, 10:47 AM
#9
Scooby Regular
Join Date: Mar 1999
Posts: 4,518
Likes: 0
Received 0 Likes
on
0 Posts
from the link above
As andrew said over alarmist twaddle. Very few ISPs will have per-user reverse dns entries which get dynamically assigned no matter what your IP address is. ( unless you've explcitly asked for a fixed IP in which case you must have wanted it for a resaon) its just too much like hard work.
Deano
The concern is that any web site can easily retrieve this unique "machine name" (just as we have) whenever you visit. It may be used to uniquely identify you on the Internet. In that way it's like a "supercookie" over which you have no control. You can not disable, delete, or change it
Deano
26 August 2003, 11:11 AM
#10
Scooby Regular
Thread Starter
Join Date: Oct 1999
Posts: 3,491
Likes: 0
Received 0 Likes
on
0 Posts
I'm not trying to say that it's no twaddle - I honestly don't know, and trying to find out.
Nick,
I understand that a fixed IP would be enough to identify me, so to be clear: I don't really want a fixed IP nor a fixed DNS name. Again, I'm not overly worried to be identified, I'm not shaking in my boots but I do wonder why - after all the privacy discussions about cookies - my PC should be uniquely identifiable (is that a word ?) for each site that I visit (and have links to track sites). But again, maybe I am misunderstanding this.
Sure, when you surf in the same "session" to various websites (which have links to "tracker" sites for marketing reasons), I fully understand that again the IP is enough. What I mean is with either IP or DNS fixed, you are "always" visible/trackable, even after a year.
I'll have to check whether my IP address is static, but it surely wasn't until recently.
I also have the feeling the dns name is linked to my adaptor address (MAC ?)
Thanks for that link Neil, looking at it right now.
Finally, taking that it is indeed twaddle, can anyone comment on that pesky 8ad.com ?
Nick,
However, that's a moot point as it would also be possible to track you via the IP address alone, so the unique dns entry means **** all
but I do wonder why - after all the privacy discussions about cookies - my PC should be uniquely identifiable (is that a word ?) for each site that I visit (and have links to track sites). But again, maybe I am misunderstanding this.Sure, when you surf in the same "session" to various websites (which have links to "tracker" sites for marketing reasons), I fully understand that again the IP is enough. What I mean is with either IP or DNS fixed, you are "always" visible/trackable, even after a year.
I'll have to check whether my IP address is static, but it surely wasn't until recently.
I also have the feeling the dns name is linked to my adaptor address (MAC ?)
Thanks for that link Neil, looking at it right now.
Finally, taking that it is indeed twaddle, can anyone comment on that pesky 8ad.com ?
26 August 2003, 11:36 AM
#11
Scooby Regular
Your IP can't reliably be used to "track" you - for all "they" know you're using an anonymizing proxy already, or your IP is dynamic every time you dial up, or whatever. That's precisely the reason why one shouldn't use digest hashes (for example) with IP addresses when using cookies for login purposes. If an IP was enough to track someone they wouldn't be setting cookies 
Steve.
Steve.
Thread
Thread Starter
Forum
Replies
Last Post