this post was submitted on 01 Dec 2025
15 points (94.1% liked)

networking

3376 readers
1 users here now

Community for discussing enterprise networks and the ensuing chaos that comes after inheriting or building one.

founded 2 years ago
MODERATORS
manifex@sh.itjust.works
15
How did my ISP identify my AP? (programming.dev)
submitted 2 weeks ago by emotional_soup_88@programming.dev to c/networking@sh.itjust.works
23 comments fedilink hide all child comments
 

Uninitiated noon question below.

A couple of days ago, this haprogram https://programming.dev/post/41491279

Now, during the phonecall with my ISP, the guy asked, "is your router an ASUS?" to which I answered, "yes and no, because it's sold as a router but I have it in AP mode and my actual router is OpenWrt on a Raspberry Pi." To which he replied "noice!"

How did he know the make of my access point? A few of my own thoughts are:

  1. he was referring to historical data (I've been a loyal customer of theirs for a looong time...) from a time when I was using the same topology (setup?) but without a VPN on the router, so the hostname of the AP (stored in /etc/hostname on the ASUS OS/firmware ?) was simply displayed on whatever software an ISP uses for troubleshooting through... an ARP? But aren't ARPs limited to a LAN/they cannot resolve beyond a hop? Or perhaps a variant of DNS? How indeed do hostnames transmit? Are they in the IP header by default?
  2. as in 1 above, but he actively used nmap or some other recog program
  3. as in 1 above but from a time when I was in fact using the ASUS machine as a router
  4. my VPN is "leaking" - not likely, because all my traffic either goes through the wireguard interface on OpenWrt/RPi, or it doesn't go anywhere...

If 1, 2 or 3: why do they keep historical data on me? Is it praxis?

you are viewing a single comment's thread
view the rest of the comments
[–] emotional_soup_88@programming.dev 5 points 2 weeks ago (2 children)

Amazing! I had no idea that you can grab the vendor off of the first three octets. I shall try to refrain from - for academic purposes, of course - identifying devices and their vendors around me next time I'm at the coffee shop...

[–] Clusterfck@lemmy.sdf.org 6 points 2 weeks ago (1 children)

For whatever it’s worth, that’s not a huge privacy violation. Most routers auto-identify devices. Most IP scan tools just identify the device by default too.

If it’s a good enough public/hotspot network, they will have “client isolation” turned on and it’ll keep you from seeing any other devices but the actual network equipment.

[–] emotional_soup_88@programming.dev 1 points 2 weeks ago

I see. Well, now I understand why I see vendor names of connected hosts in my AP's GUI. The vendor name of my robot vacuum, I will never be able to pronounce... (Something Chinese.)

[–] CompactFlax@discuss.tchncs.de 3 points 2 weeks ago

Maclookup.app