Solved Information that should not be posted

Solved issue
Never the less add the z is important if you want to filter private info. I often ask ops to post the output of inxi -Fxxzr which will filter out personal identifying info from the report. It's a great tool to use in trouble shooting problems. But like any tool needs to be used with care.
 


I just happened to catch this thread and wanted to thank ya'll for this information. I wasn't aware of this tool. Thank you.

I don't care if anyone knows that I am using an Asus motherboard, it's not like all linux.org members will be arriving at my door tomorrow morning because of that information.

I'll be right over, just lemme grab my inflatable raft and my little paddle oar lol. I should be able to make it in about 2.5 years if I paddle hard enough.
 
Really amuses me how you "security afficionados" forever seem to be dreaming up the very worst-case scenarios all the time.

Talk about "doom & gloom" merchants! Cracks me up, it does... :p


Mike.
facepalm-smaller.gif
 
Not all of the users of this forum necessarily have an account here. OSINT means Open Source Intelligence. It involves searching the Internet for such information. Your MAC address may be used to discover your IPv6 unicast address. All it takes is knowing your ISP's network prefix. It's generally a good idea to make sure that such information is not publicly revealed since one doesn't want the bad guys to know any more about your system than absolutely necessary. Active network mapping can get a hacker noticed, but silent surveillance would not. Revealing information about your network can make that surveillance much more effective. Your wifi frames will use that MAC address in the header. I have noticed an APT using the different wifis here in this area as a proxy to attack the various local networks. It is remarkably easy to hack into wifi, even with WPA3. I'm not sure how Linux would handle an evil twin attack, but it never hurts to be careful. A false sense of security can be worse than no security.

Signed,

Matthew Campbell
 
Really amuses me how you "security afficionados" forever seem to be dreaming up the very worst-case scenarios all the time.
And I'm surprised by how some people pay too little attention to security and even openly dismiss anything in that regard, or how Linux is secure and there is no need to anything and similar.
 
I thought I would give an example for any newbies reading this thread,
OMG, more good stuff. And I did the "network commands" and I jumped down the rabbit hole.
the z filter removes sensitive information
a full list can be found by using inxi -h but its the z that filters your results for publications
Yeah, went down the "Full List" "inxi-h" list and tried all the combinations with an without the "z".

I thought... this much information, what happens if I try to write the output to a file (like in Command Prompt) - If it doesn't work, how big of a mess can I make? I didn't hurt anything that I know of but wore out "clear".

It worked! Finally I had explored something that I didn't ask or read. And then I explored what I thought "could" work... piping my terminal commands' output to a file - with complete path - to a folder on my external data drive - HA!

inxt -Fxsz >>/media/mint/(my external data drive)-01/External.Documents/LinuxCommands/KeepPrivate_2024119a.txt

And the "z" - repalcing IP & MAC with <filter> in the output - Why provide the main information for a Man-in-the-Middle hack - even if it couldn't be used? - till they got on the inside.

Man, its' been since the early '90's and I may not be remembering any of this correctly. :p

Well @Brickwizard you helped me take a big step with Terminal. Thanks. Really got carried away for hours. I'm going to bed.
 
Last edited:
You can't connect to serial numbers or mac addresses from outside of your lan, your router uses mac addresses to know where
I'm more concerned with IP (not serial numbers) & MAC's of network card and router- available - together - If I recall correnctly, items needed for Man-in-the-Middle - Greater vulnerability in public setttings but not impossible. Improbable but why put the info out there at all?

Over the years I've had to cleanup disasters of the "technically Pure & Correct" and "I've got nothing to hide", that "should" have never been able to be hacked.

Tech-"correctness" OK, given. Common Sense?????? Never give your enemy anything!
 
Last edited:
I wonder how, based on MAC address NIC can be found.
Neither IP address will help, clients have dynamic, servers static IP is designed to be known.
 
I wonder how, based on MAC address NIC can be found.

I don't want to flog a dead horse or spend my time arguing. I will say that I've posted not just my MAC but my public IP address when this subject pops up. I've never suffered any ill effects from this.
 
I wonder how, based on MAC address NIC can be found.
Neither IP address will help, clients have dynamic, servers static IP is designed to be known.
I only use static local IPv4 on my local networks. Your ISP is likely to assign your very public IPv6 address based on your MAC address. This uses what is known as EUI-64. Have a look at:
.

This guy has a wonderful channel and I would highly recommend watching every single one of his videos. They are so educational. I have learned a lot from him.

Signed,

Matthew Campbell
 
I think privacy is important - which is why most in this thread would suggest using the command(s) that hide things that have no importance to the issue that needs to be solved.

It's not all about "don't hack me bruh" but more about "just doesn't matter"..

Anyway .. let's let people do what they want.. s'all good.
 
And I'm surprised by how some people pay too little attention to security and even openly dismiss anything in that regard, or how Linux is secure and there is no need to anything and similar.
Mm. For us in Puppyland, it's not so much about paying too little attention to security as it is about taking a rather different approach to the whole subject.

For standard mainstream distros, using the 'full install' method, everything you do is written immediately into the file-system. Don't get me wrong; you guys DO have to be more careful and take security more seriously, I know that.

Puppy, because of the way she runs in RAM every session, and the fact that session changes/modifications are only saved at shutdown to a special directory - the 'save-folder' - which then gets layered-into the read-only main file system AT THE NEXT BOOT via aufs/overlayfs, possesses the ability to "forget" any session where you even suspect you may have had dodgy stuff going on. You simply shut-down WITHOUT saving those session changes/modifications......and boot-up the next time with a brand spanking new, squeaky-clean system from read-only files again.

It's not rocket science. It's simply making use of existing kernel abilities that have been present for a very long time.......but using them in a novel & unique way. Which Puppy has done from day 1.

(shrug...)


Mike. ;)
 
... which reminds me - although this is Solved, I am moving it to Linux Security.

Cheers
 
1) on my laptop kernel does not support IPv6 (privacy is one reason).
2) to identify someone MAC addresd or ip address are not necessary there are much better ways to identify someone.
3) ipv6 can be eaily changed, so can be MAC address.
4) ISP usually are changing user IP addresses and user can change MAC. So nobody considers these as reliable identifiable information.
 

Staff online


Top