Date: Wed, 9 Aug 2006 00:13:03 -0700 From: Garrett Cooper <youshi10@u.washington.edu> To: freebsd-questions@freebsd.org Subject: Re: BSDstats Project v2.0 ... Message-ID: <30502313-7B58-4FEC-8A2C-43ED071AC26F@u.washington.edu> In-Reply-To: <20060808212719.L7522@ganymede.hub.org> References: <20060807003815.C7522@ganymede.hub.org> <20060808102819.GB64879@augusta.de> <20060808153921.V7522@ganymede.hub.org> <44D8EC98.8020801@utdallas.edu> <20060808201359.S7522@ganymede.hub.org> <44D91F02.90107@mawer.org> <20060808212719.L7522@ganymede.hub.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Aug 8, 2006, at 5:30 PM, Marc G. Fournier wrote: > On Wed, 9 Aug 2006, Antony Mawer wrote: > >> On 9/08/2006 9:16 AM, Marc G. Fournier wrote: >>>> Can you tell me exactly what you do with those two pieces of >>>> data? Is there any way that information would be accessible >>>> from the internet? >>> Absolutely nothing else we do with it ... it just gives us a >>> unique key to work with ... in fact, assuming each of your >>> servers use a different IP, there is no reason you couldn't do >>> the uname trick above to hide the hostname ... >>> Unless someone breaks into the server, or database, somehow, the >>> data isn't accessible ... >> >> What if we improved upon this - if instead of storing the hostname >> and IP address, we stored a one-way hash of this information? >> OpenSSH in recent versions takes the same approach with its >> authorized_keys files... > > Could create problems long term .. one thing I will be using the > IPs to do is: > > SELECT ip, count(1) FROM systems GROUP BY ip ORDER BY count DESC; > > to look for any 'abnormalities' like todays with Armenia ... > > hashing it would make stuff like that fairly difficult ... > > ---- > Marc G. Fournier Hub.Org Networking Services (http:// > www.hub.org) > Email . scrappy@hub.org MSN . > scrappy@hub.org > Yahoo . yscrappy Skype: hub.org ICQ . 7615664 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org" Yes, that's true particularly if the server's were all the same hardware type and the software was compiled at the same time. Maybe my CPUID suggestion would come in handy? Also, maybe that person from Armenia installed the script in a distribution that's included in a virtual image (vmware comes to mind), and he's loading it on a bunch of different machines behind a (virtual) NAT or something... just a thought to consider. -Garrett
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?30502313-7B58-4FEC-8A2C-43ED071AC26F>