Date: Wed, 09 Aug 2006 10:05:40 -0500 From: Paul Schmehl <pauls@utdallas.edu> To: "Marc G. Fournier" <scrappy@freebsd.org> Cc: freebsd-questions@freebsd.org Subject: Re: BSDstats Project v2.0 ... Message-ID: <44D9F9C4.4050406@utdallas.edu> In-Reply-To: <20060809055245.J7522@ganymede.hub.org> References: <20060807003815.C7522@ganymede.hub.org> <20060808102819.GB64879@augusta.de> <20060808153921.V7522@ganymede.hub.org> <44D8EC98.8020801@utdallas.edu> <20060808201359.S7522@ganymede.hub.org> <44D91F02.90107@mawer.org> <20060808212719.L7522@ganymede.hub.org> <20060809072313.GA19441@sysadm.stc> <20060809055245.J7522@ganymede.hub.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a cryptographically signed message in MIME format. --------------ms040908060104030502060101 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Marc G. Fournier wrote: > On Wed, 9 Aug 2006, Igor Robul wrote: > >> On Tue, Aug 08, 2006 at 09:30:42PM -0300, Marc G. Fournier wrote: >>> Could create problems long term .. one thing I will be using the >>> IPs to do is: >>> >>> SELECT ip, count(1) FROM systems GROUP BY ip ORDER BY count DESC; >>> >>> to look for any 'abnormalities' like todays with Armenia ... >>> >>> hashing it would make stuff like that fairly difficult ... >> You can make _two_ hashes and then concatenate to form unique key. >> Then you still be able to see "a lot of single IPs". Personaly, I dont >> care very much about IP/hostname disclosure :-) > > Except that you are disclosing that each and every time you send out an > email, or hit a web site ... :) > The systems I'm concerned about are on private IP space, to not send email and don't have X installed, much less a web browser and can only access certain FreeBSD sites to update ports. In fact, they're not even accessible from *inside* our network except from certain hosts. In order to successfully run the stats script on these hosts, I would have to open a hole in the firewall to bsdstats.hub.org on the correct port. And yes, I *am* paranoid. But if you really want *all* statistics you can get, then you'll have to deal with us paranoid types. My workstation, which is on a public IP, is already registered. > Regardless, though ... what do ppl suggest here? Simple 'md5' hash? I think md5 is fine. SHA256 would probably be better. :-) -- Paul Schmehl (pauls@utdallas.edu) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ --------------ms040908060104030502060101 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIPTjCC A9gwggNBoAMCAQICEEHsHz2nFAeWxPbVDN3RD2UwDQYJKoZIhvcNAQEFBQAwgcExCzAJBgNV BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMiBQdWJs aWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykg MTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQL ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4XDTk5MDMzMTAwMDAwMFoXDTA5MDMzMDIzNTk1 OVowgeoxJzAlBgNVBAoTHlRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIFN5c3RlbTEfMB0GA1UE CxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazE7MDkGA1UECxMyVGVybXMgb2YgdXNlIGF0IGh0 dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEgKGMpOTkxMjAwBgNVBAsTKUNsYXNzIDIgQ0Eg LSBPblNpdGUgSW5kaXZpZHVhbCBTdWJzY3JpYmVyMS0wKwYDVQQDEyRUaGUgVW5pdmVyc2l0 eSBvZiBUZXhhcyBhdCBEYWxsYXMgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL/q 74frHgrBAPkiEcHRwczbetq+NtJwYDBg5RngUy819MmoKQXW3j2d8waaZH2+0YdUeJv/onjx +4erw/yHTMJJQQ3hwNKl1/x+/0JRTnTzAdVoc6VdBDH45iklY6gjmkRqgYsPsDnx79tGWMO6 uM9L83rBokmVgyNDupsajzKFAgMBAAGjgaUwgaIwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMT EVByaXZhdGVMYWJlbDEtMTQwMBEGCWCGSAGG+EIBAQQEAwIBBjBEBgNVHSAEPTA7MDkGC2CG SAGG+EUBBwEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9SUEEw DwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEFBQADgYEAUwm13LK2 idEgUIPJOHncyAiySb+4U4Nvisyy5Hp8/KPoD19hXl+XBJUSWtKVASLxvO3xVLZUplQYoZ1U vAZpBMcCITeigjmIp6ygn+iDGV2SSDkaWYIkIEO8hpUS3IN04ebjE75qpIcAMTEjByWbr7os UZEOWaajF4jStM5UFxwwggVzMIIE3KADAgECAhAdMJQ44vbY+scnxppFEtDAMA0GCSqGSIb3 DQEBBAUAMIHqMScwJQYDVQQKEx5UaGUgVW5pdmVyc2l0eSBvZiBUZXhhcyBTeXN0ZW0xHzAd BgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBh dCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTk5MTIwMAYDVQQLEylDbGFzcyAy IENBIC0gT25TaXRlIEluZGl2aWR1YWwgU3Vic2NyaWJlcjEtMCsGA1UEAxMkVGhlIFVuaXZl cnNpdHkgb2YgVGV4YXMgYXQgRGFsbGFzIENBMB4XDTA2MDcyMTAwMDAwMFoXDTA3MDcyMTIz NTk1OVowgfQxJzAlBgNVBAoUHlRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIFN5c3RlbTEtMCsG A1UECxQkVGhlIFVuaXZlcnNpdHkgb2YgVGV4YXMgYXQgRGFsbGFzIENBMUYwRAYDVQQLEz13 d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTIEluY29ycC4gYnkgUmVmLixMSUFCLkxU RChjKTk5MRgwFgYDVQQLFA9NYWlsIFN0b3AgLSBVVEQxFTATBgNVBAMTDFBhdWwgU2NobWVo bDEhMB8GCSqGSIb3DQEJARYScGF1bHNAdXRkYWxsYXMuZWR1MIGfMA0GCSqGSIb3DQEBAQUA A4GNADCBiQKBgQCrBVCMoEwZGjvluL0Zlb//jU6SQzTT3WoQv6lEUYtCHflUzW6KIs6V5lGD I8c+qq9E6dkyK9mzpLFFOpuGuHqHghUEOIL5ItYRIui9znBYtVgKoJmx+Q2B4iS2M1yGDa1a hbMHtSX39s3vbjv1Dna7ouh3ZmPFgO2hYpdGGIYApQIDAQABo4ICDDCCAggwCQYDVR0TBAIw ADAdBgNVHREEFjAUgRJwYXVsc0B1dGRhbGxhcy5lZHUwggEkBgNVHSAEggEbMIIBFzCCARMG C2CGSAGG+EUBBwEGMIIBAjArBggrBgEFBQcCARYfaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t L3JwYS1rcjCB0gYIKwYBBQUHAgIwgcUagcJOT1RJQ0U6IFByaXZhdGUga2V5IG1heSBiZSBy ZWNvdmVyZWQgYnkgVmVyaVNpZ24ncyBjdXN0b21lciB3aG8gbWF5IGJlIGFibGUgdG8gZGVj cnlwdCBtZXNzYWdlcyB5b3Ugc2VuZCB0byBjZXJ0aWZpY2F0ZSBob2xkZXIuICBVc2UgaXMg c3ViamVjdCB0byB0ZXJtcyBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhLWtyIChj KTk5LjARBglghkgBhvhCAQEEBAMCB4AwdQYDVR0fBG4wbDBqoGigZoZkaHR0cDovL29uc2l0 ZWNybC52ZXJpc2lnbi5jb20vVGhlVW5pdmVyc2l0eW9mVGV4YXNTeXN0ZW1UaGVVbml2ZXJz aXR5b2ZUZXhhc2F0RGFsbGFzQ0EvTGF0ZXN0Q1JMLmNybDALBgNVHQ8EBAMCBSAwHQYDVR0l BBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMCMA0GCSqGSIb3DQEBBAUAA4GBADXwtwprdba6Q09c Guq5Fe8UR5PsRXpC/D+zXhGswIv3AqUy/Osm1j9KRhrioInQqnVQUOl/zLL5GSvKJZHdzCap bVSdELy2pgb7x2iM+6awFX3yjs0bhlGOmakYsPorCGIX/Ff96PfFGQgFz3EOWBFYSsior8ZW NlXVIdcGqqC4MIIF9zCCBWCgAwIBAgIQRwBAwrEtuPEMlwm1Xz1jAjANBgkqhkiG9w0BAQQF ADCB6jEnMCUGA1UEChMeVGhlIFVuaXZlcnNpdHkgb2YgVGV4YXMgU3lzdGVtMR8wHQYDVQQL ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0 cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYyk5OTEyMDAGA1UECxMpQ2xhc3MgMiBDQSAt IE9uU2l0ZSBJbmRpdmlkdWFsIFN1YnNjcmliZXIxLTArBgNVBAMTJFRoZSBVbml2ZXJzaXR5 IG9mIFRleGFzIGF0IERhbGxhcyBDQTAeFw0wNjA3MjEwMDAwMDBaFw0wNzA3MjEyMzU5NTla MIH0MScwJQYDVQQKFB5UaGUgVW5pdmVyc2l0eSBvZiBUZXhhcyBTeXN0ZW0xLTArBgNVBAsU JFRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIGF0IERhbGxhcyBDQTFGMEQGA1UECxM9d3d3LnZl cmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJlZi4sTElBQi5MVEQoYyk5 OTEYMBYGA1UECxQPTWFpbCBTdG9wIC0gVVREMRUwEwYDVQQDEwxQYXVsIFNjaG1laGwxITAf BgkqhkiG9w0BCQEWEnBhdWxzQHV0ZGFsbGFzLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALhs8O1TDnZOvdnDqje3YRFfXgqsZTdAy20jvGX+cWIMlGZqbDIFGu0eTyep ircIUposx7ngZzzSmo+p91PSgzDC8pF9Riy+aHoME9LEbP6UTnLURuYTyn+GeKzWEuxswFBl p9s5VFMToiT6jA0xBcek4D2ZvzoRLuNu4cbo12n8rKN/zkrcrqJtZCmIMbzWdMHpJ5S84WYZ j204WonJP6uxp1CSnR1cFC8oPSb8kRpoEzx8UYX9cbpC4usm4ITsxeKnUKHHEXYpY2bJTz6l oPM5NlMpx3TklslVX/VwXIP9tPPfWp0aPw4N3dlJXa4M8UuKZZiZGXpjr8a3GCHQ0wsCAwEA AaOCAgwwggIIMAkGA1UdEwQCMAAwHQYDVR0RBBYwFIEScGF1bHNAdXRkYWxsYXMuZWR1MIIB JAYDVR0gBIIBGzCCARcwggETBgtghkgBhvhFAQcBBjCCAQIwKwYIKwYBBQUHAgEWH2h0dHBz Oi8vd3d3LnZlcmlzaWduLmNvbS9ycGEta3IwgdIGCCsGAQUFBwICMIHFGoHCTk9USUNFOiBQ cml2YXRlIGtleSBtYXkgYmUgcmVjb3ZlcmVkIGJ5IFZlcmlTaWduJ3MgY3VzdG9tZXIgd2hv IG1heSBiZSBhYmxlIHRvIGRlY3J5cHQgbWVzc2FnZXMgeW91IHNlbmQgdG8gY2VydGlmaWNh dGUgaG9sZGVyLiAgVXNlIGlzIHN1YmplY3QgdG8gdGVybXMgYXQgaHR0cHM6Ly93d3cudmVy aXNpZ24uY29tL3JwYS1rciAoYyk5OS4wEQYJYIZIAYb4QgEBBAQDAgeAMHUGA1UdHwRuMGww aqBooGaGZGh0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29tL1RoZVVuaXZlcnNpdHlvZlRl eGFzU3lzdGVtVGhlVW5pdmVyc2l0eW9mVGV4YXNhdERhbGxhc0NBL0xhdGVzdENSTC5jcmww CwYDVR0PBAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMEBggrBgEFBQcDAjANBgkqhkiG9w0B AQQFAAOBgQA9UGpjcqqUOiW6cyNOH+jckkXIyLRSQtaQ0ykn1lelyR5U0bmcdj7PIcmRbxZn PFzqL6YPmxgN8hKHZhViuGivIRamwmD62JMXmJz1Py8pIxHsRJyXu7sz+D9KtM19zMAzNicz m3WBkXrdi6+QqWJum0sAAwJ1OaQf9AR8DU1HADGCBQgwggUEAgEBMIH/MIHqMScwJQYDVQQK Ex5UaGUgVW5pdmVyc2l0eSBvZiBUZXhhcyBTeXN0ZW0xHzAdBgNVBAsTFlZlcmlTaWduIFRy dXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJp c2lnbi5jb20vcnBhIChjKTk5MTIwMAYDVQQLEylDbGFzcyAyIENBIC0gT25TaXRlIEluZGl2 aWR1YWwgU3Vic2NyaWJlcjEtMCsGA1UEAxMkVGhlIFVuaXZlcnNpdHkgb2YgVGV4YXMgYXQg RGFsbGFzIENBAhBHAEDCsS248QyXCbVfPWMCMAkGBSsOAwIaBQCgggLdMBgGCSqGSIb3DQEJ AzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA2MDgwOTE1MDU0MFowIwYJKoZIhvcN AQkEMRYEFEp5UlBzM6V+NTjOkJydaWXmRz+9MFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcN AwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMC AgEoMIIBEQYJKwYBBAGCNxAEMYIBAjCB/zCB6jEnMCUGA1UEChMeVGhlIFVuaXZlcnNpdHkg b2YgVGV4YXMgU3lzdGVtMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYD VQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYyk5 OTEyMDAGA1UECxMpQ2xhc3MgMiBDQSAtIE9uU2l0ZSBJbmRpdmlkdWFsIFN1YnNjcmliZXIx LTArBgNVBAMTJFRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIGF0IERhbGxhcyBDQQIQHTCUOOL2 2PrHJ8aaRRLQwDCCARMGCyqGSIb3DQEJEAILMYIBAqCB/zCB6jEnMCUGA1UEChMeVGhlIFVu aXZlcnNpdHkgb2YgVGV4YXMgU3lzdGVtMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3 b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t L3JwYSAoYyk5OTEyMDAGA1UECxMpQ2xhc3MgMiBDQSAtIE9uU2l0ZSBJbmRpdmlkdWFsIFN1 YnNjcmliZXIxLTArBgNVBAMTJFRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIGF0IERhbGxhcyBD QQIQHTCUOOL22PrHJ8aaRRLQwDANBgkqhkiG9w0BAQEFAASCAQCynt7R7Iblvh4O6/qyV3qP TW40PJEP1Bk2cfYjRLztWrpYB8DoFtpfKSYL1/FTNUzPVnGoQxu54Mec9SututiH+jENuByF annl4xQqxa1WpUbl/OCEBzwPJ0+/B7UXXXbblHd7rsRCtWDgEeSwTrCrul13l9tBM4+ADSL+ Lho7JpP83/IuqwyfhOWgQrMtu0yIulXNFBL8B8+V9D4l20gU89JKC5IcDHe12LvQwVnexntu bs7iyMpPVQmxwCfSJOPrF6MpgGFgLAQ0fFyU364DvPoppou3DTXpKp4NissE/ysb9LQdoSHg 82w/3Cv3M/Pm4zxc6R39ib1sXxsLKKL3AAAAAAAA --------------ms040908060104030502060101--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44D9F9C4.4050406>