From owner-freebsd-questions@FreeBSD.ORG Fri Aug 11 12:07:49 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8CA6716A4DF; Fri, 11 Aug 2006 12:07:49 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (ns0.infracaninophile.co.uk [81.187.76.162]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5352243D5F; Fri, 11 Aug 2006 12:07:35 +0000 (GMT) (envelope-from m.seaman@infracaninophile.co.uk) Received: from [IPv6:::1] (localhost [IPv6:::1]) by smtp.infracaninophile.co.uk (8.13.6/8.13.6) with ESMTP id k7BC792i085662; Fri, 11 Aug 2006 13:07:09 +0100 (BST) (envelope-from m.seaman@infracaninophile.co.uk) Authentication-Results: smtp.infracaninophile.co.uk from=m.seaman@infracaninophile.co.uk; sender-id=softfail; spf=softfail X-SenderID: Sendmail Sender-ID Filter v0.2.14 smtp.infracaninophile.co.uk k7BC792i085662 Message-ID: <44DC72E1.6020306@infracaninophile.co.uk> Date: Fri, 11 Aug 2006 13:06:57 +0100 From: Matthew Seaman Organization: Infracaninophile User-Agent: Thunderbird 1.5.0.5 (X11/20060801) MIME-Version: 1.0 To: Nikolas Britton References: <20060807003815.C7522@ganymede.hub.org> <20060808201359.S7522@ganymede.hub.org> <44D91F02.90107@mawer.org> <20060808212719.L7522@ganymede.hub.org> <20060809072313.GA19441@sysadm.stc> <20060809055245.J7522@ganymede.hub.org> <44D9F9C4.4050406@utdallas.edu> <20060809130354.U7522@ganymede.hub.org> In-Reply-To: X-Enigmail-Version: 0.94.0.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------enig074A659739040F68FF3F126D" X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.0.2 (smtp.infracaninophile.co.uk [IPv6:::1]); Fri, 11 Aug 2006 13:07:29 +0100 (BST) X-Virus-Scanned: ClamAV 0.88.4/1646/Fri Aug 11 10:51:17 2006 on happy-idiot-talk.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00, DKIM_POLICY_TESTING,NO_RELAYS autolearn=ham version=3.1.4 X-Spam-Checker-Version: SpamAssassin 3.1.4 (2006-07-25) on happy-idiot-talk.infracaninophile.co.uk Cc: Paul Schmehl , "Marc G. Fournier" , freebsd-questions@freebsd.org Subject: Re: BSDstats Project v2.0 ... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Aug 2006 12:07:49 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig074A659739040F68FF3F126D Content-Type: multipart/mixed; boundary="------------040407040206020807060706" This is a multi-part message in MIME format. --------------040407040206020807060706 Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: quoted-printable Nikolas Britton wrote: > Ok... With my new script it took only 158 minutes to compute ALL > TCP/IP address hashes. I'll repeat that... I have an md5 hash for > every IP address in the world! All I need to do is grep your hash and > it will tell me your IP address. yippee! :-) >=20 > Can we please find a new method to track hosts... perhaps my earlier > example: ifconfig |md5. If not please remove my entries in the > database. How about the attached diff. As discussed else-thread, this generates a random ID 128bit token -- the chances of any two hosts generating the same token are so minuscule as to be negligible. The token is cached in a file /var/db/bsdstats for re-use in later months. This also adds the capability for the paranoid to withhold the hostname of the machine, and it removes what looks like a forgotten bit of debuggi= ng code that would mean Marc would get quite a lot of e-mail each month... I believe the default for CGI scripts is to ignore any extra parameters that they weren't programmed to expect[1], so this should even be compati= ble with the current bsdstats stuff. =20 Cheers, Matthew [1] No one would seriously contemplate running PHP with 'register_globals= ' enabled in this day and age would they? --=20 Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW --------------040407040206020807060706 Content-Type: text/plain; name="300.statistics.diff" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline; filename="300.statistics.diff" --- /usr/ports/sysutils/bsdstats/files/300.statistics Thu Aug 10 10:58:00= 2006 +++ 300.statistics Fri Aug 11 12:56:54 2006 @@ -5,7 +5,6 @@ =20 # If there is a global system configuration file, suck it in. # -monthly_statistics_mailto=3D"scrappy@hub.org,root" if [ -r /etc/defaults/periodic.conf ] then . /etc/defaults/periodic.conf @@ -37,22 +36,50 @@ /usr/bin/fetch -qo /dev/null "http://$checkin_server/scripts/$1" } =20 -checkin_server=3D"bsdstats.hub.org"; +get_id_token () { + if [ -f $id_token_file ] ; + then + . $id_token_file + else + IDTOKEN=3D$( openssl rand -base64 16 ) + touch $id_token_file && \ + chown root:wheel $id_token_file && \ + chmod 600 $id_token_file && \ + echo "IDTOKEN=3D'$IDTOKEN'" > $id_token_file + fi + IDTOKEN=3D$( uri_escape $IDTOKEN ) +} + +checkin_server=3D'bsdstats.hub.org' +id_token_file=3D'/var/db/bsdstats' + +# Send hostname to the stats server? Default yes -- set to "NO" +# in periodic.conf if desired. + +monthly_statistics_reveal_hostname=3D${monthly_statisics_reveal_hostname= -"YES"} =20 case "$monthly_statistics_enable" in [Yy][Ee][Ss]) - HN=3D`/bin/hostname` + get_id_token + case "$monthly_statistics_reveal_hostname" in + [Yy][Ee][Ss]) + HN=3D`/bin/hostname` + ;; + *) + HN=3D'(no-hostname)' + ;; + esac SYS=3D`/usr/bin/uname -r` ARCH=3D`/usr/bin/uname -m` OS=3D`/usr/bin/uname -s` - do_fetch getid.php?hn=3D$HN\&sys=3D$SYS\&arch=3D$ARCH\&opsys=3D$OS= + do_fetch getid.php?id=3D$IDTOKEN\&hn=3D$HN\&sys=3D$SYS\&arch=3D$AR= CH\&opsys=3D$OS echo "Posting monthly OS statistics to $checkin_server" case "$monthly_statistics_report_devices" in [Yy][Ee][Ss]) IFS=3D" " =20 - do_fetch clear_devices.php?hn=3D$HN + do_fetch clear_devices.php?id=3D$IDTOKEN\&hn=3D$HN for line in `/usr/sbin/pciconf -l | /usr/bin/grep -v none` do DRIVER=3D`echo $line | awk -F\@ '{print $1}'` @@ -60,7 +87,7 @@ DEV=3D`echo $line | awk '{print $4}' | cut -c8-11` CLASS=3D`echo $line | awk '{print $2}' | cut -c9-10` SUBCLASS=3D`echo $line | awk '{print $2}' | cut -c11-14`= - do_fetch report_device.php?driver=3D$DRIVER\&vendor=3D$V= EN\&device=3D$DEV\&class=3D$CLASS\&subclass=3D$SUBCLASS\&hn=3D$HN + do_fetch report_device.php?id=3D$IDTOKEN\&driver=3D$DRIV= ER\&vendor=3D$VEN\&device=3D$DEV\&class=3D$CLASS\&subclass=3D$SUBCLASS\&h= n=3D$HN done echo "Posting monthly device statistics to $checkin_server" =20 @@ -69,10 +96,10 @@ DEV=3D$( uri_escape $( echo $line | cut -d ' ' -f 2- ) ) n=3D0 count=3D$( sysctl -n hw.ncpu ) - do_fetch clear_cpu.php?hn=3D$HN + do_fetch clear_cpu.php?id=3D$IDTOKEN\&hn=3D$HN while [ $n -lt $count ] do - do_fetch report_cpu.php?cpu_id=3DCPU$n\&vendor=3D$VEN\&c= pu_type=3D$DEV\&hn=3D$HN + do_fetch report_cpu.php?id=3D$IDTOKEN\&cpu_id=3DCPU$n\&v= endor=3D$VEN\&cpu_type=3D$DEV\&hn=3D$HN n=3D$(( $n + 1 )) done echo "Posting monthly CPU statistics to $checkin_server" --------------040407040206020807060706-- --------------enig074A659739040F68FF3F126D Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFE3HLs8Mjk52CukIwRCEsJAJ4sl0SuaJbcbgDdtCo4PJ9RDTOE4QCfQya0 DtLGerxcBUTUY+kS0w5J+D0= =KVBB -----END PGP SIGNATURE----- --------------enig074A659739040F68FF3F126D--