On Fri, May 24, 2024 at 10:31 AM Tim via users <users@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > > Tim: > >> For some networks, it's simply going to be the DHCP server assigning > >> you an IP to a MAC address it knows about (hardware details about your > >> network). This will get messed up if your hardware supplies random MAC > >> addresses each time it makes a connection. > > Ranjan Maitra: > > I suspect it is this above, since this is a one-time deal, only when > > a computer is set up for the first time (but done through the browser > > that one time). After that, it never asks for registration again > > unless the computer in question has not connected for months (in > > which case it has to be validated). > > When you connect to a network using DHCP, your device tries asking for > the same IP it had last time. Their server *may* honour that. But I > think you'd get a different IP each time unless they had a vast reserve > of spare IPs to allocate each person the same one each time. Though > this shouldn't be an authentication problem, DHCP is supposed to be > able to handle changed addresses. > > What the DHCP server uses to fingerprint you, to identify your device > as the same device each time you connect, can be a combination of > things, and they can be remembered for as long (or short) as they want > their DHCP server to hold the data: > > Your network interface's MAC (which will be different for cabled > ethernet and wireless on the same device, and is randomly changed with > some hardware, and randomised by some software configurations). Each > MAC is supposed to be unique, though there have been cases of network > hardware with duplicated "unique" ids. And since some devices use > randomised MACs, there is a chance that it might pick the same MAC as > someone else on the network. That can cause problems. > > Your network configuration can also supply another kind of ID as a kind > of fingerprint. A DHCP server can use that to ID you across different > visits. This is an optional thing, many clients don't supply that info > to the server. > > Between the data of your MAC and another unique ID, your device can be > recognised as previously authorised, and considered still authorised > (if their system works that way, and your info stays the same each > time). Various ISPs work that way, the first thing connected to them > during the set-up process (your modem or router) is used to > authenticate you as a valid customer. If you change your router, you > may have to call customer support to get it "allowed." Likewise if you > have multiple devices that directly connect to a network, at different > times. > > I'd look through network configuration options related to privacy or > randomised MAC (same thing, different titles). > > Another thing that springs to mind is IPv6. > > > I don't know if this matters but I do not need to keep the browser on > > after that first-time registration. Also, I never store my cache so > > once the browser is shut down, the cache is deleted. > > That sounds right. Once you're authenticated into the system, that > should be the end of the process. You may have to authenticate each > time you login, but shouldn't have to maintain some kind of keep-alive > through the browser for a session, that'd be a daft way to maintain a > network (not that that stopped some early ISPs from requiring some kind > of heartbeat from their clients). > > You could have to do the authentication each time you connect to their > network. That's a reasonable thing to expect, and normally a good > security measure (it stops someone nicking a device then using it in > your name). Though can be a pain with wireless hardware, connections > come and go with them, even though you're intending it to be one > continuous session. This smells of Captive Portal and MAC Randomizations. I think Patrick O'Callaghan was spot on: OP needs to talk to his admins because he does not know if he is in a captive portal system, and OP does not know his network manager settings. Someone with knowledge of the systems will be better positioned to help OP. Jeff -- _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
