point-to-point protocol and pc data - PPP

This is a discussion on point-to-point protocol and pc data - PPP ; HI, I wonder if during PPP establishment are send any personal identification data of the own pc? I'm not referring to the username and password but I'm referring to unequivocal hardware indentification like the unique MAC when I use Ethernet. ...

+ Reply to Thread
Results 1 to 14 of 14

Thread: point-to-point protocol and pc data

  1. point-to-point protocol and pc data

    HI,
    I wonder if during PPP establishment are send any personal
    identification data of the own pc? I'm not referring to the username
    and password but I'm referring to unequivocal hardware indentification
    like the unique MAC when I use Ethernet.


    thanks
    bye Sally

  2. Re: point-to-point protocol and pc data

    In article ,
    wrote:
    >HI,
    >I wonder if during PPP establishment are send any personal
    >identification data of the own pc? I'm not referring to the username
    >and password but I'm referring to unequivocal hardware indentification
    >like the unique MAC when I use Ethernet.


    No. The protocol doesn't require any, and any real system wouldn't be so
    careless as to send something unique without you telling it to. Why do you
    ask?

    Patrick
    =========== For PPP Protocol Analysis, check out PacketView Pro! ===========
    Patrick Klos Email: patrick@klos.com
    Klos Technologies, Inc. Web: http://www.klos.com/
    ================================================== ==========================


  3. Re: point-to-point protocol and pc data

    Hello,

    ploik000@gmail.com a écrit :
    > I wonder if during PPP establishment are send any personal
    > identification data of the own pc? I'm not referring to the username
    > and password but I'm referring to unequivocal hardware indentification
    > like the unique MAC when I use Ethernet.


    This may happen, depending on the platform and PPP software. For
    instance, cf. the "ipv6cp-use-persistent" option in pppd :

    ipv6 ,
    Set the local and/or remote 64-bit interface identifier. Either
    one may be omitted. The identifier must be specified in standard
    ascii notation of IPv6 addresses (e.g. ::dead:beef). If the
    ipv6cp-use-ipaddr option is given, the local identifier is the
    local IPv4 address (see above). On systems which supports a
    unique persistent id, such as EUI-48 derived from the Ethernet
    MAC address, ipv6cp-use-persistent option can be used to replace
    the ipv6 , option. Otherwise the identifier is
    randomized.

  4. Re: point-to-point protocol and pc data

    Pascal Hambourg writes:
    > Hello,
    >
    > ploik000@gmail.com a écrit :
    > > I wonder if during PPP establishment are send any personal
    > > identification data of the own pc? I'm not referring to the username
    > > and password but I'm referring to unequivocal hardware indentification
    > > like the unique MAC when I use Ethernet.

    >
    > This may happen, depending on the platform and PPP software. For
    > instance, cf. the "ipv6cp-use-persistent" option in pppd :


    Another way it can happen is with the RFC 1990 Multilink PPP endpoint
    discriminator.

    I guess I don't usually consider any of my MAC addresses to be
    "personal." It's not how I identify myself socially. ;-}

    --
    James Carlson, Solaris Networking
    Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084
    MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677

  5. Re: point-to-point protocol and pc data

    it's all very confusing. I mean exist or not a unique identifier for
    PPP adaptater; If yes, how can i find it on windows xp ?

    thanks

  6. Re: point-to-point protocol and pc data

    ploik000@gmail.com writes:
    > it's all very confusing. I mean exist or not a unique identifier for
    > PPP adaptater; If yes, how can i find it on windows xp ?


    No clue about Windows, but PPP itself doesn't always need a unique
    identifier because the wire itself is a unique physical identifier.

    It's not the same as Ethernet. The places where unique identifiers
    are needed are few, but:

    - You might consider the IP addresses at each end of the link to be
    unique identifiers. They're clearly unique -- in any functioning
    internet -- and they're clearly something that identifies the link
    itself.

    - The authentication protocols naturally require you to provide
    identifying information of some sort -- typically a user name and
    password. I don't think there are ISPs that will establish a link
    without some form of identification (though I guess it's
    posssible).

    - RFC 1990 multilink operation contains an endpoint identifier. The
    use of it is so that the PPP peer can determine whether two links
    are terminated on the same remote box. You can put anything you
    want there -- not just a MAC address, though that's convenient and
    common -- and it's not actually required for multilink operation.
    It just helps make sure mistakes don't happen.

    - IPX uses MAC addresses to identify nodes within a network. If you
    still use IPX (really? in 2008?), then you'll end up with those
    MAC addresses exchanged with others.

    - Similarly, ISO systems use MAC addresses to construct Network
    Entity Titles (NET), which are used in routing. If you're
    forwarding that stuff, then you may be leaking MAC information.

    - Dial-back protocols tend to include identifying information,
    namely a telephone number (which is far more identifying than is a
    MAC address). But on a telephone link, you give away your
    identity when you first dial in anyway.

    - IPv6 uses 64-bit identifiers for the endpoint addresses. Those
    are typically generated using a local available MAC address (when
    possible) as keeping the same IPv6 address over time is generally
    considered A Good Thing for applications, but any stable number
    will work. (And even a random number is ok, as long as you don't
    care about application goodness.)

    There may be other cases, but those are the ones that come to mind.

    I think your fears are _far_ overblown, but if you're still concerned
    about the issues here, I suggest you read the RFCs or find a book
    about PPP itself. There is at least one that goes into detail about
    how the protocol works.

    --
    James Carlson, Solaris Networking
    Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084
    MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677

  7. Re: point-to-point protocol and pc data

    In the case ppp is used over a dial-up I think IP address is not a
    valid unique identifier because
    it is remotely assigned and it changes every time you connect to a
    ISP.

    So assumig ppp used over a dial-up, which of the case you have
    described are applicable?

    regards

  8. Re: point-to-point protocol and pc data

    In the case ppp is used over a dial-up I think IP address is not a
    valid unique identifier because
    it is remotely assigned and it changes every time you connect to a
    ISP.

    So assumig ppp used over a dial-up, which of the case you have
    described are applicable?

    regards

  9. Re: point-to-point protocol and pc data

    On Fri, 14 Mar 2008, in the Usenet newsgroup comp.protocols.ppp, in article
    ,
    ploik000@gmail.com wrote:

    >it's all very confusing. I mean exist or not a unique identifier for
    >PPP adaptater; If yes, how can i find it on windows xp ?


    I believe you are referring to the meaningless techno-babble that
    microsoft lists under the DOS command "ipconfig /all" (note - I quit
    using windoze in 1992, so I'm not sure what icon you click to run that
    command). You'll see something like

    PPP adapter RAS Server (Dial In) Interface:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
    Physical Address. . . . . . . . . : 00-53-45-00-00-00
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.9.201
    Subnet Mask . . . . . . . . . . . : 255.255.255.255
    Default Gateway . . . . . . . . . :

    The "Physical Address" is totally meaningless (it's an ASCII string,
    here, the letters "SE"). A serial port doesn't have a hardware address
    such as is needed on Ethernet.

    To see the information your windoze box is sending and receiving, you
    could turn on PPP connection logging (I'm told it is a click box in
    your ISP's icon under Properties -> Server Types ->Record a log file).
    DO NOT POST THIS LOG, as it is very large, and full of techno-babble
    meant to intimidate users, and consequently few people even know that
    it exists, let alone how to try to read it. Find a friend who also
    uses dialup and XP, and _you_ compare the ppp logs. You won't find
    any secret identifiers unless you are using multi-link or IPv6.

    PPP is not your security problem. You are far easier to trace because
    of data your normal applications (such as your browser) return to
    anyone who asks.

    Old guy


  10. Re: point-to-point protocol and pc data

    ploik000@gmail.com writes:
    > In the case ppp is used over a dial-up I think IP address is not a
    > valid unique identifier because
    > it is remotely assigned and it changes every time you connect to a
    > ISP.


    It's a trivial matter to determine (from the ISPs call detail records)
    exactly when you called them, what IP address you were given for the
    time you were connected, and extract your identity that way.

    The fact that it might be different on each call is of no real use in
    obscuring your identity (as such).

    It gets worse. If you use any applications at all (you did bring up
    that PPP link so that you could use some networking applications,
    right?), then those applications can each have their own means of
    leaking identifiable information.

    You're not anonymous. Get over it.

    > So assumig ppp used over a dial-up, which of the case you have
    > described are applicable?


    That's not really enough to go on, but I'll take a stab at it since I
    think the question is meaningless:

    - The IP addresses are (as noted above) useful identifiers.

    - The authentication data you supply to start the link connects your
    link to an account at the ISP, which typically has identifying
    information in it.

    - Multilink is typically not used on a dial-up link. There's
    nothing that prohibits it, but it's not common and doesn't work
    well.

    - I don't know about your ISP, but modern ones typically don't do
    IPX or ISO, so those aren't concerns.

    - Dial-back is unlikely, but since you admit you're using a dial-up
    link, the provider likely has trunk-side connections into the
    local telephone switch (rather than line-side), which means that
    he can get special features (Automatic Number Identification --
    ANI) that give the ISP your telephone number every time you call.
    And, no, you can't block it.

    - Most ISPs don't yet bother with IPv6, but even if yours does
    support it, it's easy to provide a dummy identifier. But if you
    do that, then doesn't the dummy number still identify you?

    My advice would be just to get over your MAC address fetish. It's not
    healthy.

    --
    James Carlson, Solaris Networking
    Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084
    MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677

  11. Re: point-to-point protocol and pc data

    On Fri, 14 Mar 2008 08:36:31 -0700 (PDT), ploik000@gmail.com
    wrote:

    > In the case ppp is used over a dial-up I think IP address is not a valid
    > unique identifier because it is remotely assigned and it changes every
    > time you connect to a ISP.


    In general, commercial ISPs don't care about identifying a particular
    machine. So long as you know your username and password, that's good
    enough.

    Ultimately, an IP, almost always assigned by the ISP, uniquely identifies
    the interface. Typically, that involves you requesting some IP, the peer
    (ISP) saying, "no, but this one's okay," and you making another request with
    the peer-provided address. The initial IP request could potentially be a
    security problem...but probably not.

    Private networks may (and probably should) require more stringent
    identification and may or may not assign IPs.

  12. Re: point-to-point protocol and pc data

    On 14 Mar, 21:04, ibupro...@painkiller.example.tld (Moe Trin) wrote:
    > On Fri, 14 Mar 2008, in the Usenet newsgroup comp.protocols.ppp, in article
    > ,
    >
    > ploik...@gmail.com wrote:
    > >it's all very confusing. I mean exist or not a unique identifier for
    > >PPP adaptater; If yes, how can i find it on windows xp ?

    >
    > I believe you are referring to the meaningless techno-babble that
    > microsoft lists under the DOS command "ipconfig /all" (note - I quit
    > using windoze in 1992, so I'm not sure what icon you click to run that
    > command). You'll see something like
    >
    > PPP adapter RAS Server (Dial In) Interface:
    > Connection-specific DNS Suffix . :
    > Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
    > Physical Address. . . . . . . . . : 00-53-45-00-00-00
    > DHCP Enabled. . . . . . . . . . . : No
    > IP Address. . . . . . . . . . . . : 192.168.9.201
    > Subnet Mask . . . . . . . . . . . : 255.255.255.255
    > Default Gateway . . . . . . . . . :
    >
    > The "Physical Address" is totally meaningless (it's an ASCII string,
    > here, the letters "SE"). A serial port doesn't have a hardware address
    > such as is needed on Ethernet.


    This is exactly the info I was looking for. If the serial port used by
    PPP as a "phisical address/identifier" that
    during PPP connection is passed to the ISP. I don't talking about
    application data, or username/password that
    surely can be associated to own identity, I just referring to the
    machine hardware identifier.

    thanks.



  13. Re: point-to-point protocol and pc data

    On Mon, 17 Mar 2008, in the Usenet newsgroup comp.protocols.ppp, in article
    ,
    ploik000@gmail.com wrote:

    NOTE: Posting from groups.google.com (or some web-forums) dramatically
    reduces the chance of your post being seen. Find a real news server.

    >ibupro...@painkiller.example.tld (Moe Trin) wrote:


    >> The "Physical Address" is totally meaningless (it's an ASCII string,
    >> here, the letters "SE"). A serial port doesn't have a hardware address
    >> such as is needed on Ethernet.

    >
    >This is exactly the info I was looking for. If the serial port used by
    >PPP as a "phisical address/identifier"


    It does not.

    >during PPP connection is passed to the ISP.


    Easy thing to test - you run that "ipconfig /all" command on your system,
    then run the command needed to create the ppp.log - and then YOU look
    through the resulting log and see if you can find this imaginary value
    from microsoft. You won't find it, because it does not exist. That
    so-called "Physical Address" is yet another lie from windoze.

    >I don't talking about application data, or username/password that
    >surely can be associated to own identity, I just referring to the
    >machine hardware identifier.


    You should find a packet sniffer and look at the traffic your applications
    are sending - that's where you are traceable.

    Old guy

  14. Re: point-to-point protocol and pc data

    In article ,
    wrote:
    >On 14 Mar, 21:04, ibupro...@painkiller.example.tld (Moe Trin) wrote:
    >> On Fri, 14 Mar 2008, in the Usenet newsgroup comp.protocols.ppp, in article
    >> ,
    >> The "Physical Address" is totally meaningless (it's an ASCII string,
    >> here, the letters "SE"). A serial port doesn't have a hardware address
    >> such as is needed on Ethernet.

    >
    >This is exactly the info I was looking for. If the serial port used by
    >PPP as a "phisical address/identifier" that
    >during PPP connection is passed to the ISP.


    If you want to see EXACTLY what goes between your Windows machine and
    your ISP packet for packet, download our demo version of PacketView Pro:

    http://www.klos.com/PacketViewPro/

    The demo is limited to how many packets of what size it will allow you to
    capture, but it should be enough to see what you're looking for? Make
    sure to add your COM port to PVPRO.DAT.

    Alternatively, you could grab PORTMON from SysInternals and look at the
    bytes directly:

    http://technet.microsoft.com/en-us/s.../bb896644.aspx

    Good luck!

    Patrick
    ========= For LAN/WAN Protocol Analysis, check out PacketView Pro! =========
    Patrick Klos Email: patrick@klos.com
    Klos Technologies, Inc. Web: http://www.klos.com/
    ================================================== ==========================

+ Reply to Thread