Uninitiated noon question below.

A couple of days ago, this haprogram https://programming.dev/post/41491279

Now, during the phonecall with my ISP, the guy asked, “is your router an ASUS?” to which I answered, “yes and no, because it’s sold as a router but I have it in AP mode and my actual router is OpenWrt on a Raspberry Pi.” To which he replied “noice!”

How did he know the make of my access point? A few of my own thoughts are:

  1. he was referring to historical data (I’ve been a loyal customer of theirs for a looong time…) from a time when I was using the same topology (setup?) but without a VPN on the router, so the hostname of the AP (stored in /etc/hostname on the ASUS OS/firmware ?) was simply displayed on whatever software an ISP uses for troubleshooting through… an ARP? But aren’t ARPs limited to a LAN/they cannot resolve beyond a hop? Or perhaps a variant of DNS? How indeed do hostnames transmit? Are they in the IP header by default?
  2. as in 1 above, but he actively used nmap or some other recog program
  3. as in 1 above but from a time when I was in fact using the ASUS machine as a router
  4. my VPN is “leaking” - not likely, because all my traffic either goes through the wireguard interface on OpenWrt/RPi, or it doesn’t go anywhere…

If 1, 2 or 3: why do they keep historical data on me? Is it praxis?

  • Admiral Patrick@dubvee.orgEnglish
    18·
    3 days ago

    If they have remote management/diagnostics for the ONT (sounds like they do, and it’s all but universal for that to be the case), then they can probably see the MAC addresses connected to the ethernet ports. The first three octets of a MAC address are the OUI (organizationally unique identifier) which identify the vendor. There are online tools anyone can use to lookup the vendor for a MAC address.

    e.g. https://macvendors.com/

    • emotional_soup_88@programming.devOPEnglish
      5·
      3 days ago

      Amazing! I had no idea that you can grab the vendor off of the first three octets. I shall try to refrain from - for academic purposes, of course - identifying devices and their vendors around me next time I’m at the coffee shop…

      • Clusterfck@lemmy.sdf.orgEnglish
        6·
        3 days ago

        For whatever it’s worth, that’s not a huge privacy violation. Most routers auto-identify devices. Most IP scan tools just identify the device by default too.

        If it’s a good enough public/hotspot network, they will have “client isolation” turned on and it’ll keep you from seeing any other devices but the actual network equipment.

        • emotional_soup_88@programming.devOPEnglish
          1·
          3 days ago

          I see. Well, now I understand why I see vendor names of connected hosts in my AP’s GUI. The vendor name of my robot vacuum, I will never be able to pronounce… (Something Chinese.)