DHCPAP documentation

DH-What?!

DHCP stands for Dynamic Host Configuration Protocol. It’s a network protocol used to get network configuration parameters, such as IP addresses automatically.

Every time a device, such as a laptop or mobile connects to a Wifi network in a cafe, office, home, etc., it sends a DHCP request.

Some DHCP options carry unique identifiers that can enable device tracking and fingerprinting.

AP stands for Anonymity Profiles, a standard that provides guidelines on the composition of DHCP messages, designed to minimize disclosure of identifying information.

Important: if you run a DHCP client implementing the Anonymity Profiles, the hardware address (MAC) should be randomized. You can use macchanger, macouflage or other tools for this.

For users

dhcpcanon is a DHCP client implementing the Anonymity Profiles.

It’s tested in Debian/Ubuntu. Other Linux distributions are coming soon, as well as Gnome Network Manager integration.

Windows 10 has a non-FLOSS implementation of the Anonymity Profiles.

For demonstration purposes

dhcpcfp is a DHCP scanner, intended to be run in controlled networks to show how it is possible to fingerprint devices.

For developers

(See the two sections above).

systemd implements its own DHCP client and now it also implements the Anonymity profiles (branch merged in upstream). Refer to the documentation on how to run systemd DHCP client and systemd modifications (source)

Comments on the RFC 7844 (source)

Slides: