Date: Wed, 9 Aug 2006 13:06:09 -0300 (ADT) From: "Marc G. Fournier" <scrappy@freebsd.org> To: Paul Schmehl <pauls@utdallas.edu> Cc: freebsd-questions@freebsd.org Subject: Re: BSDstats Project v2.0 ... Message-ID: <20060809130354.U7522@ganymede.hub.org> In-Reply-To: <44D9F9C4.4050406@utdallas.edu> References: <20060807003815.C7522@ganymede.hub.org> <20060808102819.GB64879@augusta.de> <20060808153921.V7522@ganymede.hub.org> <44D8EC98.8020801@utdallas.edu> <20060808201359.S7522@ganymede.hub.org> <44D91F02.90107@mawer.org> <20060808212719.L7522@ganymede.hub.org> <20060809072313.GA19441@sysadm.stc> <20060809055245.J7522@ganymede.hub.org> <44D9F9C4.4050406@utdallas.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 9 Aug 2006, Paul Schmehl wrote:
> Marc G. Fournier wrote:
>> On Wed, 9 Aug 2006, Igor Robul wrote:
>>
>>> On Tue, Aug 08, 2006 at 09:30:42PM -0300, Marc G. Fournier wrote:
>>>> Could create problems long term .. one thing I will be using the
>>>> IPs to do is:
>>>>
>>>> SELECT ip, count(1) FROM systems GROUP BY ip ORDER BY count DESC;
>>>>
>>>> to look for any 'abnormalities' like todays with Armenia ...
>>>>
>>>> hashing it would make stuff like that fairly difficult ...
>>> You can make _two_ hashes and then concatenate to form unique key.
>>> Then you still be able to see "a lot of single IPs". Personaly, I dont
>>> care very much about IP/hostname disclosure :-)
>>
>> Except that you are disclosing that each and every time you send out an
>> email, or hit a web site ... :)
>>
> The systems I'm concerned about are on private IP space, to not send email
> and don't have X installed, much less a web browser and can only access
> certain FreeBSD sites to update ports. In fact, they're not even accessible
> from *inside* our network except from certain hosts. In order to
> successfully run the stats script on these hosts, I would have to open a hole
> in the firewall to bsdstats.hub.org on the correct port.
>
> And yes, I *am* paranoid. But if you really want *all* statistics you can
> get, then you'll have to deal with us paranoid types. My workstation, which
> is on a public IP, is already registered.
Done ... now I really hope that the US stats rise, maybe? I have a hard
time believing that Russia and the Ukraine have more deployments then the
'good ol'US of A' ... or do they? *raised eyebrow*
Here is what is now stored in the database (using my IP as a basis)
# select * from systems where ip = md5('24.224.179.167');
id | ip | hostname | operating_system | release | architecture | country | report_date
------+----------------------------------+----------------------------------+------------------+------------+--------------+---------+---------------------------
1295 | 45c80b9266a5a6683eee9c9798bd6575 | 4a9110019f2ca076407ed838bf190017 | FreeBSD | 6.1-RC1 | i386 | CA | 2006-08-09 02:34:05.12579
1 | 45c80b9266a5a6683eee9c9798bd6575 | 9a45e58ab9535d89f0a7d2092b816364 | FreeBSD | 6.1-STABLE | i386 | CA | 2006-08-09 16:01:03.34788
And yup, I have two hosts sitting behind a router ...
----
Marc G. Fournier Hub.Org Networking Services (http://www.hub.org)
Email . scrappy@hub.org MSN . scrappy@hub.org
Yahoo . yscrappy Skype: hub.org ICQ . 7615664
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060809130354.U7522>