Hi!
> Perhaps there is a better way to deal with the problem. If I understand
> batman-adv correctly, no node requires knowledge of anything but the next
> hop for every destination. This should mean that we don't need the layer 2
> traceroute functionality that batman-adv includes. If we change batman-adv
> such that a node can only ever know the next hop for a given destination,

I am not sure exactly what you are saying you would change? Batman
already knows only the next hop for every destination. So what would you change?
Anyway, I think this is still complicating things too much. Practically, any
attack would simply be listing all MAC addresses in the network. Once
you know this list you know that they are in the network. And then you
use other means to determine where a person is. You have to remember
that nobody is using only one approach or one tool. They will combine
data from multiple sources. Any change here will just make the network less
open (in the sense that you would have a difference between admins and
non-admins), for what gain?
Can somebody please first describe a threat model we are trying to
address here? Who is attacking whom and with which tools?
Mitar
--
http://mitar.tnode.com/
https://twitter.com/mitar_m