Date: Wed, 09 Aug 2006 10:05:40 -0500
From: Paul Schmehl <pauls@utdallas.edu>
To: "Marc G. Fournier" <scrappy@freebsd.org>
Cc: freebsd-questions@freebsd.org
Subject: Re: BSDstats Project v2.0 ...
Message-ID: <44D9F9C4.4050406@utdallas.edu>
In-Reply-To: <20060809055245.J7522@ganymede.hub.org>
References: <20060807003815.C7522@ganymede.hub.org>
 <20060808102819.GB64879@augusta.de>
 <20060808153921.V7522@ganymede.hub.org>
 <44D8EC98.8020801@utdallas.edu>
 <20060808201359.S7522@ganymede.hub.org>
 <44D91F02.90107@mawer.org>
 <20060808212719.L7522@ganymede.hub.org>
 <20060809072313.GA19441@sysadm.stc>
 <20060809055245.J7522@ganymede.hub.org>

Marc G. Fournier wrote:
> On Wed, 9 Aug 2006, Igor Robul wrote:
>
>> On Tue, Aug 08, 2006 at 09:30:42PM -0300, Marc G. Fournier wrote:
>>> Could create problems long term .. one thing I will be using the
>>> IPs to do is:
>>>
>>> SELECT ip, count(1) FROM systems GROUP BY ip ORDER BY count DESC;
>>>
>>> to look for any 'abnormalities' like today's with Armenia ...
>>>
>>> hashing it would make stuff like that fairly difficult ...
>> You can make _two_ hashes and then concatenate to form unique key.
>> Then you will still be able to see "a lot of single IPs". Personally,
>> I don't care very much about IP/hostname disclosure :-)
>
> Except that you are disclosing that each and every time you send out an
> email, or hit a web site ... :)
>
The systems I'm concerned about are on private IP space, do not send
email and don't have X installed, much less a web browser, and can only
access certain FreeBSD sites to update ports. In fact, they're not even
accessible from *inside* our network except from certain hosts. In
order to successfully run the stats script on these hosts, I would have
to open a hole in the firewall to bsdstats.hub.org on the correct port.

And yes, I *am* paranoid. But if you really want *all* statistics you
can get, then you'll have to deal with us paranoid types. My
workstation, which is on a public IP, is already registered.

> Regardless, though ... what do ppl suggest here? Simple 'md5' hash?

I think md5 is fine. SHA256 would probably be better. :-)

--
Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
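
Added example, not part of the original message or of the BSDstats code: it stores only a digest of each reporting IP and runs the GROUP BY query quoted in the thread, showing that the per-address counts used to spot abnormalities survive hashing. The sample addresses, the SQLite table, the function names and the keyed (HMAC) variant are assumptions made for the illustration; the keyed variant is included because the IPv4 space is small enough that an unkeyed digest can be matched by recomputing it for candidate addresses.

```python
import hashlib
import hmac
import sqlite3

# Constructed sample reports (documentation-range addresses); one address
# submits far more systems than the others, like the anomaly in the thread.
REPORTS = ["192.0.2.10"] * 5 + ["198.51.100.7", "203.0.113.42", "198.51.100.7"]

# Hypothetical server-side secret; the thread does not propose one.
SERVER_KEY = b"constructed-example-key"


def sha256_ip(ip: str) -> str:
    """Plain SHA-256 digest of the address, as suggested in the thread."""
    return hashlib.sha256(ip.encode("ascii")).hexdigest()


def keyed_ip(ip: str, key: bytes = SERVER_KEY) -> str:
    """HMAC-SHA256 of the address: equal inputs still give equal digests,
    but a digest cannot be recomputed from an address without the key."""
    return hmac.new(key, ip.encode("ascii"), hashlib.sha256).hexdigest()


def top_submitters(reports, pseudonymize):
    """Store only pseudonyms, then run the thread's GROUP BY query."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE systems (ip TEXT NOT NULL)")
    db.executemany("INSERT INTO systems (ip) VALUES (?)",
                   [(pseudonymize(ip),) for ip in reports])
    # The count is aliased as n so the ORDER BY is portable across databases.
    rows = db.execute("SELECT ip, count(1) AS n FROM systems "
                      "GROUP BY ip ORDER BY n DESC, ip").fetchall()
    db.close()
    return rows


if __name__ == "__main__":
    for name, fn in (("sha256", sha256_ip), ("hmac-sha256", keyed_ip)):
        print(name)
        for digest, n in top_submitters(REPORTS, fn):
            print(f"  {digest[:16]}...  {n}")
```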
