From owner-freebsd-questions@FreeBSD.ORG Sat Aug 12 03:29:20 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1787116A4DF for ; Sat, 12 Aug 2006 03:29:20 +0000 (UTC) (envelope-from nikolas.britton@gmail.com) Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.186]) by mx1.FreeBSD.org (Postfix) with ESMTP id A2BF243D46 for ; Sat, 12 Aug 2006 03:29:18 +0000 (GMT) (envelope-from nikolas.britton@gmail.com) Received: by nf-out-0910.google.com with SMTP id g2so1289551nfe for ; Fri, 11 Aug 2006 20:29:17 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=tzkbv31kwgv/1QoKV6iGmcsdWa5ja8/L58pVPrla/0Dkimt/bW3aCjFlHKtPCpnojwHiD78QPcTlmAkrTrk/7FEsFcBFYfI74y1tcWtLkQUYk2xq0RMAd30MCPtj3AsaTVNLJEc7m2YH0tZsOd/9m+l6JxtVYQ3uSwH2OY21P7I= Received: by 10.78.140.17 with SMTP id n17mr2446198hud; Fri, 11 Aug 2006 20:29:17 -0700 (PDT) Received: by 10.78.143.11 with HTTP; Fri, 11 Aug 2006 20:29:17 -0700 (PDT) Message-ID: Date: Fri, 11 Aug 2006 20:29:17 -0700 From: "Nikolas Britton" To: "Matthew Seaman" In-Reply-To: <44DC8868.4050009@infracaninophile.co.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20060807003815.C7522@ganymede.hub.org> <20060809072313.GA19441@sysadm.stc> <20060809055245.J7522@ganymede.hub.org> <44D9F9C4.4050406@utdallas.edu> <20060809130354.U7522@ganymede.hub.org> <20060811100914.U7522@ganymede.hub.org> <44DC8868.4050009@infracaninophile.co.uk> Cc: Paul Schmehl , "Marc G. Fournier" , freebsd-questions@freebsd.org Subject: Re: BSDstats Project v2.0 ... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Aug 2006 03:29:20 -0000 On 8/11/06, Matthew Seaman wrote: > Marc G. Fournier wrote: > > On Fri, 11 Aug 2006, Nikolas Britton wrote: > > > >> Ok... With my new script it took only 158 minutes to compute ALL > >> TCP/IP address hashes. I'll repeat that... I have an md5 hash for > >> every IP address in the world! All I need to do is grep your hash and > >> it will tell me your IP address. yippee! :-) > > > > Can someone please explain to me what exactly you are trying to secure > > against in this case? > > He's trying to prevent any possibility of information disclosure about > his servers. If I wanted to hack into his site, knowing what hosts he > had running (ie. a bunch of live IP numbers) and what OS etc. each used > would mean I'm already halfway to my goal. Now, while the design of > bsdstats does not disclose that sort of stuff readily, any security > conscious admin is going to worry about that data being collected and > held outside of his administrative control. Having a completely > anonymous and untraceable token to identify each of the hosts sending > in information should make connecting the information back to the > original sender practically impossible. > YES! what he said... I don't want ANYTHING to trace back to me or my systems. > Although, playing devil's advocate here, anyone that could steal the > Apache log files from the bsdstats server would be able to work out > that sort of data fairly readily. I guess the truly paranoid should > only submit their data via some sort of anonymizing proxy. > That's simple, don't keep the log files... * Can we trust Marc to delete them? * I thought this was going to be an official FreeBSD project hosted on freebsd.org? * Maybe we should get the OpenBSD people involved? Just thinking out loud :-/ -- BSD Podcasts @: http://bsdtalk.blogspot.com/ http://freebsdforall.blogspot.com/