From owner-freebsd-questions@FreeBSD.ORG Fri Aug 11 16:49:28 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 011F916A4DD; Fri, 11 Aug 2006 16:49:28 +0000 (UTC) (envelope-from pauls@utdallas.edu) Received: from smtp1.utdallas.edu (smtp1.utdallas.edu [129.110.10.12]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9093543D5A; Fri, 11 Aug 2006 16:48:58 +0000 (GMT) (envelope-from pauls@utdallas.edu) Received: from UTDEVS08.campus.ad.utdallas.edu (utdex08.utdallas.edu [129.110.70.103]) by smtp1.utdallas.edu (Postfix) with ESMTP id C318238CFE6; Fri, 11 Aug 2006 11:48:57 -0500 (CDT) Received: from [129.110.3.28] ([129.110.3.28]) by UTDEVS08.campus.ad.utdallas.edu with Microsoft SMTPSVC(6.0.3790.1830); Fri, 11 Aug 2006 11:48:57 -0500 Message-ID: <44DCB516.40501@utdallas.edu> Date: Fri, 11 Aug 2006 11:49:26 -0500 From: Paul Schmehl User-Agent: Thunderbird 1.5.0.5 (X11/20060802) MIME-Version: 1.0 To: Matthew Seaman References: <20060807003815.C7522@ganymede.hub.org> <20060808201359.S7522@ganymede.hub.org> <44D91F02.90107@mawer.org> <20060808212719.L7522@ganymede.hub.org> <20060809072313.GA19441@sysadm.stc> <20060809055245.J7522@ganymede.hub.org> <44D9F9C4.4050406@utdallas.edu> <20060809130354.U7522@ganymede.hub.org> <20060811100914.U7522@ganymede.hub.org> <44DCA340.2050204@utdallas.edu> <44DCAFFE.6090400@infracaninophile.co.uk> In-Reply-To: <44DCAFFE.6090400@infracaninophile.co.uk> Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms050604080906030702040707" X-OriginalArrivalTime: 11 Aug 2006 16:48:57.0281 (UTC) FILETIME=[09A5C310:01C6BD66] Cc: "Marc G. Fournier" , Nikolas Britton , freebsd-questions@freebsd.org Subject: Re: BSDstats Project v2.0 ... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Aug 2006 16:49:28 -0000 This is a cryptographically signed message in MIME format. --------------ms050604080906030702040707 Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 7bit Matthew Seaman wrote: > Paul Schmehl wrote: > >> 1) encrypt the data being fed to your systems by the script - this >> should be relatively easy using keys and would ensure that a man in the >> middle attack would fail. You can connect using ssh and a unique key >> without having to reveal passwords to anyone. > > Uh... HTTPS surely? Because it's relatively simple to implement on both > client and server, doesn't require extra software installed on every client > beyond the monthly stats script itself and because of the way that HTTPS > uses a one-sided Diffie Helmann exchange to create session keys which means > that you don't have any trouble with key management on the many thousands > of client boxes out there... > I defer to your obviously greater experience and wisdom. :-) I would note that these issues appear to be impacting the project. As of right now, there are only 1612 systems reporting in, and I suspect there are a much greater number of systems distributed throughout the computing universe. Certainly some can be attributed to the newness of the project and the small amount of promotion done to date, but I can't help but think that at least some of it is due to hesitancy on the part of some to submit their data. For my part, I've submitted two public hosts. I have four others I will not submit until I'm certain the data are securely transmitted and stored. Surely I'm not alone? -- Paul Schmehl (pauls@utdallas.edu) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ --------------ms050604080906030702040707 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIPTjCC A9gwggNBoAMCAQICEEHsHz2nFAeWxPbVDN3RD2UwDQYJKoZIhvcNAQEFBQAwgcExCzAJBgNV BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMiBQdWJs aWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykg MTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQL ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4XDTk5MDMzMTAwMDAwMFoXDTA5MDMzMDIzNTk1 OVowgeoxJzAlBgNVBAoTHlRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIFN5c3RlbTEfMB0GA1UE CxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazE7MDkGA1UECxMyVGVybXMgb2YgdXNlIGF0IGh0 dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEgKGMpOTkxMjAwBgNVBAsTKUNsYXNzIDIgQ0Eg LSBPblNpdGUgSW5kaXZpZHVhbCBTdWJzY3JpYmVyMS0wKwYDVQQDEyRUaGUgVW5pdmVyc2l0 eSBvZiBUZXhhcyBhdCBEYWxsYXMgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL/q 74frHgrBAPkiEcHRwczbetq+NtJwYDBg5RngUy819MmoKQXW3j2d8waaZH2+0YdUeJv/onjx +4erw/yHTMJJQQ3hwNKl1/x+/0JRTnTzAdVoc6VdBDH45iklY6gjmkRqgYsPsDnx79tGWMO6 uM9L83rBokmVgyNDupsajzKFAgMBAAGjgaUwgaIwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMT EVByaXZhdGVMYWJlbDEtMTQwMBEGCWCGSAGG+EIBAQQEAwIBBjBEBgNVHSAEPTA7MDkGC2CG SAGG+EUBBwEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9SUEEw DwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEFBQADgYEAUwm13LK2 idEgUIPJOHncyAiySb+4U4Nvisyy5Hp8/KPoD19hXl+XBJUSWtKVASLxvO3xVLZUplQYoZ1U vAZpBMcCITeigjmIp6ygn+iDGV2SSDkaWYIkIEO8hpUS3IN04ebjE75qpIcAMTEjByWbr7os UZEOWaajF4jStM5UFxwwggVzMIIE3KADAgECAhAdMJQ44vbY+scnxppFEtDAMA0GCSqGSIb3 DQEBBAUAMIHqMScwJQYDVQQKEx5UaGUgVW5pdmVyc2l0eSBvZiBUZXhhcyBTeXN0ZW0xHzAd BgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBh dCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTk5MTIwMAYDVQQLEylDbGFzcyAy IENBIC0gT25TaXRlIEluZGl2aWR1YWwgU3Vic2NyaWJlcjEtMCsGA1UEAxMkVGhlIFVuaXZl cnNpdHkgb2YgVGV4YXMgYXQgRGFsbGFzIENBMB4XDTA2MDcyMTAwMDAwMFoXDTA3MDcyMTIz NTk1OVowgfQxJzAlBgNVBAoUHlRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIFN5c3RlbTEtMCsG A1UECxQkVGhlIFVuaXZlcnNpdHkgb2YgVGV4YXMgYXQgRGFsbGFzIENBMUYwRAYDVQQLEz13 d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTIEluY29ycC4gYnkgUmVmLixMSUFCLkxU RChjKTk5MRgwFgYDVQQLFA9NYWlsIFN0b3AgLSBVVEQxFTATBgNVBAMTDFBhdWwgU2NobWVo bDEhMB8GCSqGSIb3DQEJARYScGF1bHNAdXRkYWxsYXMuZWR1MIGfMA0GCSqGSIb3DQEBAQUA A4GNADCBiQKBgQCrBVCMoEwZGjvluL0Zlb//jU6SQzTT3WoQv6lEUYtCHflUzW6KIs6V5lGD I8c+qq9E6dkyK9mzpLFFOpuGuHqHghUEOIL5ItYRIui9znBYtVgKoJmx+Q2B4iS2M1yGDa1a hbMHtSX39s3vbjv1Dna7ouh3ZmPFgO2hYpdGGIYApQIDAQABo4ICDDCCAggwCQYDVR0TBAIw ADAdBgNVHREEFjAUgRJwYXVsc0B1dGRhbGxhcy5lZHUwggEkBgNVHSAEggEbMIIBFzCCARMG C2CGSAGG+EUBBwEGMIIBAjArBggrBgEFBQcCARYfaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t L3JwYS1rcjCB0gYIKwYBBQUHAgIwgcUagcJOT1RJQ0U6IFByaXZhdGUga2V5IG1heSBiZSBy ZWNvdmVyZWQgYnkgVmVyaVNpZ24ncyBjdXN0b21lciB3aG8gbWF5IGJlIGFibGUgdG8gZGVj cnlwdCBtZXNzYWdlcyB5b3Ugc2VuZCB0byBjZXJ0aWZpY2F0ZSBob2xkZXIuICBVc2UgaXMg c3ViamVjdCB0byB0ZXJtcyBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhLWtyIChj KTk5LjARBglghkgBhvhCAQEEBAMCB4AwdQYDVR0fBG4wbDBqoGigZoZkaHR0cDovL29uc2l0 ZWNybC52ZXJpc2lnbi5jb20vVGhlVW5pdmVyc2l0eW9mVGV4YXNTeXN0ZW1UaGVVbml2ZXJz aXR5b2ZUZXhhc2F0RGFsbGFzQ0EvTGF0ZXN0Q1JMLmNybDALBgNVHQ8EBAMCBSAwHQYDVR0l BBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMCMA0GCSqGSIb3DQEBBAUAA4GBADXwtwprdba6Q09c Guq5Fe8UR5PsRXpC/D+zXhGswIv3AqUy/Osm1j9KRhrioInQqnVQUOl/zLL5GSvKJZHdzCap bVSdELy2pgb7x2iM+6awFX3yjs0bhlGOmakYsPorCGIX/Ff96PfFGQgFz3EOWBFYSsior8ZW NlXVIdcGqqC4MIIF9zCCBWCgAwIBAgIQRwBAwrEtuPEMlwm1Xz1jAjANBgkqhkiG9w0BAQQF ADCB6jEnMCUGA1UEChMeVGhlIFVuaXZlcnNpdHkgb2YgVGV4YXMgU3lzdGVtMR8wHQYDVQQL ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0 cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYyk5OTEyMDAGA1UECxMpQ2xhc3MgMiBDQSAt IE9uU2l0ZSBJbmRpdmlkdWFsIFN1YnNjcmliZXIxLTArBgNVBAMTJFRoZSBVbml2ZXJzaXR5 IG9mIFRleGFzIGF0IERhbGxhcyBDQTAeFw0wNjA3MjEwMDAwMDBaFw0wNzA3MjEyMzU5NTla MIH0MScwJQYDVQQKFB5UaGUgVW5pdmVyc2l0eSBvZiBUZXhhcyBTeXN0ZW0xLTArBgNVBAsU JFRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIGF0IERhbGxhcyBDQTFGMEQGA1UECxM9d3d3LnZl cmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJlZi4sTElBQi5MVEQoYyk5 OTEYMBYGA1UECxQPTWFpbCBTdG9wIC0gVVREMRUwEwYDVQQDEwxQYXVsIFNjaG1laGwxITAf BgkqhkiG9w0BCQEWEnBhdWxzQHV0ZGFsbGFzLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALhs8O1TDnZOvdnDqje3YRFfXgqsZTdAy20jvGX+cWIMlGZqbDIFGu0eTyep ircIUposx7ngZzzSmo+p91PSgzDC8pF9Riy+aHoME9LEbP6UTnLURuYTyn+GeKzWEuxswFBl p9s5VFMToiT6jA0xBcek4D2ZvzoRLuNu4cbo12n8rKN/zkrcrqJtZCmIMbzWdMHpJ5S84WYZ j204WonJP6uxp1CSnR1cFC8oPSb8kRpoEzx8UYX9cbpC4usm4ITsxeKnUKHHEXYpY2bJTz6l oPM5NlMpx3TklslVX/VwXIP9tPPfWp0aPw4N3dlJXa4M8UuKZZiZGXpjr8a3GCHQ0wsCAwEA AaOCAgwwggIIMAkGA1UdEwQCMAAwHQYDVR0RBBYwFIEScGF1bHNAdXRkYWxsYXMuZWR1MIIB JAYDVR0gBIIBGzCCARcwggETBgtghkgBhvhFAQcBBjCCAQIwKwYIKwYBBQUHAgEWH2h0dHBz Oi8vd3d3LnZlcmlzaWduLmNvbS9ycGEta3IwgdIGCCsGAQUFBwICMIHFGoHCTk9USUNFOiBQ cml2YXRlIGtleSBtYXkgYmUgcmVjb3ZlcmVkIGJ5IFZlcmlTaWduJ3MgY3VzdG9tZXIgd2hv IG1heSBiZSBhYmxlIHRvIGRlY3J5cHQgbWVzc2FnZXMgeW91IHNlbmQgdG8gY2VydGlmaWNh dGUgaG9sZGVyLiAgVXNlIGlzIHN1YmplY3QgdG8gdGVybXMgYXQgaHR0cHM6Ly93d3cudmVy aXNpZ24uY29tL3JwYS1rciAoYyk5OS4wEQYJYIZIAYb4QgEBBAQDAgeAMHUGA1UdHwRuMGww aqBooGaGZGh0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29tL1RoZVVuaXZlcnNpdHlvZlRl eGFzU3lzdGVtVGhlVW5pdmVyc2l0eW9mVGV4YXNhdERhbGxhc0NBL0xhdGVzdENSTC5jcmww CwYDVR0PBAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMEBggrBgEFBQcDAjANBgkqhkiG9w0B AQQFAAOBgQA9UGpjcqqUOiW6cyNOH+jckkXIyLRSQtaQ0ykn1lelyR5U0bmcdj7PIcmRbxZn PFzqL6YPmxgN8hKHZhViuGivIRamwmD62JMXmJz1Py8pIxHsRJyXu7sz+D9KtM19zMAzNicz m3WBkXrdi6+QqWJum0sAAwJ1OaQf9AR8DU1HADGCBQgwggUEAgEBMIH/MIHqMScwJQYDVQQK Ex5UaGUgVW5pdmVyc2l0eSBvZiBUZXhhcyBTeXN0ZW0xHzAdBgNVBAsTFlZlcmlTaWduIFRy dXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJp c2lnbi5jb20vcnBhIChjKTk5MTIwMAYDVQQLEylDbGFzcyAyIENBIC0gT25TaXRlIEluZGl2 aWR1YWwgU3Vic2NyaWJlcjEtMCsGA1UEAxMkVGhlIFVuaXZlcnNpdHkgb2YgVGV4YXMgYXQg RGFsbGFzIENBAhBHAEDCsS248QyXCbVfPWMCMAkGBSsOAwIaBQCgggLdMBgGCSqGSIb3DQEJ AzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA2MDgxMTE2NDkyNlowIwYJKoZIhvcN AQkEMRYEFLyNenuBP/R3e5HUc8ALejyjHxbdMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcN AwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMC AgEoMIIBEQYJKwYBBAGCNxAEMYIBAjCB/zCB6jEnMCUGA1UEChMeVGhlIFVuaXZlcnNpdHkg b2YgVGV4YXMgU3lzdGVtMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYD VQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYyk5 OTEyMDAGA1UECxMpQ2xhc3MgMiBDQSAtIE9uU2l0ZSBJbmRpdmlkdWFsIFN1YnNjcmliZXIx LTArBgNVBAMTJFRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIGF0IERhbGxhcyBDQQIQHTCUOOL2 2PrHJ8aaRRLQwDCCARMGCyqGSIb3DQEJEAILMYIBAqCB/zCB6jEnMCUGA1UEChMeVGhlIFVu aXZlcnNpdHkgb2YgVGV4YXMgU3lzdGVtMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3 b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t L3JwYSAoYyk5OTEyMDAGA1UECxMpQ2xhc3MgMiBDQSAtIE9uU2l0ZSBJbmRpdmlkdWFsIFN1 YnNjcmliZXIxLTArBgNVBAMTJFRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIGF0IERhbGxhcyBD QQIQHTCUOOL22PrHJ8aaRRLQwDANBgkqhkiG9w0BAQEFAASCAQCTy56+pkxftHqTynUlqdwx Up14z16pEWyyQXwLXfVwwSxRSa+cS+JEZgHtIhihjQ8qDeX44pBEULx0WfLJOp89v0nJAeaf sSZ2tkv+ozTarr9J2R0zKpE4tTS+9ZtZPWXQ/B68f9czR4k0ZsAcQYTYOG/RuJfkzoLOti3t e4iHUgEUbbO7Ryl+Ad41T2LFzF0g3giYBGfIa6XUATxm/BV/LDQvpYcy8nrwhqN4b/KV6EHW H/Hd5AE2UEIZ/vZAwJquYpnHaqPYYg4XtF5wuK/PkErEkr2uEQIbyXYhhUMsBS2hIyV349FA GaTOBsnCUTtlLGdI/OLUmZ9SkwSwKdVMAAAAAAAA --------------ms050604080906030702040707--