BSDstats Project v2.0 ...

Thu Aug 10 00:00:18 UTC 2006

On 8/9/06, Marc G. Fournier <scrappy at freebsd.org> wrote:
> On Wed, 9 Aug 2006, Paul Schmehl wrote:
>
> > Marc G. Fournier wrote:
> >> On Wed, 9 Aug 2006, Igor Robul wrote:
> >>
> >>> On Tue, Aug 08, 2006 at 09:30:42PM -0300, Marc G. Fournier wrote:
> >>>> Could create problems long term .. one thing I will be using the
> >>>> IPs to do is:
> >>>>
> >>>> SELECT ip, count(1) FROM systems GROUP BY ip ORDER BY count DESC;
> >>>>
> >>>> to look for any 'abnormalities' like todays with Armenia ...
> >>>>
> >>>> hashing it would make stuff like that fairly difficult ...
> >>> You can make _two_ hashes and then concatenate to form unique key.
> >>> Then you still be able to see "a lot of single IPs". Personaly, I dont
> >>> care very much about IP/hostname disclosure :-)
> >>
> >> Except that you are disclosing that each and every time you send out an
> >> email, or hit a web site ... :)
> >>
> > The systems I'm concerned about are on private IP space, to not send email
> > and don't have X installed, much less a web browser and can only access
> > certain FreeBSD sites to update ports.  In fact, they're not even accessible
> > from *inside* our network except from certain hosts.  In order to
> > successfully run the stats script on these hosts, I would have to open a hole
> > in the firewall to bsdstats.hub.org on the correct port.
> >
> > And yes, I *am* paranoid.  But if you really want *all* statistics you can
> > get, then you'll have to deal with us paranoid types.  My workstation, which
> > is on a public IP, is already registered.
>
> Done ... now I really hope that the US stats rise, maybe?  I have a hard
> time believing that Russia and the Ukraine have more deployments then the
> 'good ol'US of A' ... or do they? *raised eyebrow*
>
> Here is what is now stored in the database (using my IP as a basis)
>
> # select * from systems where ip = md5('24.224.179.167');
>    id  |                ip                |             hostname             | operating_system |  release   | architecture | country |        report_date
> ------+----------------------------------+----------------------------------+------------------+------------+--------------+---------+---------------------------
>   1295 | 45c80b9266a5a6683eee9c9798bd6575 | 4a9110019f2ca076407ed838bf190017 | FreeBSD          | 6.1-RC1    | i386         | CA      | 2006-08-09 02:34:05.12579
>      1 | 45c80b9266a5a6683eee9c9798bd6575 | 9a45e58ab9535d89f0a7d2092b816364 | FreeBSD          | 6.1-STABLE | i386         | CA      | 2006-08-09 16:01:03.34788
>

Why don't you just broadcast the ip address, it's what your doing now
anyways. 253^4 is a very small number.

infomatic# perl
my $num = 0;
system "date";
while ($num <= 409715208) {
$num++
}
system "date";
Wed Aug  9 18:18:45 CDT 2006
Wed Aug  9 18:20:48 CDT 2006

2 minutes * 10 = 20 minutes to iterate though 4 billion IP addresses
on a very slow uni-proc system. I could even store every IP to md5
hash using less then 222GB of uncompressed space.

If you want... give me the md5 hash of a real ip address that is
unknown to me and I will hand you the ip address in two days... or
less. run the IP address though like this:

md5 -s "xxx.xxx.xxx.xxx"

I have other things to do with my time, so I don't really want to do
this, but if that's what it takes to stop this idea dead I'll do it.

-- 
BSD Podcasts @:
http://bsdtalk.blogspot.com/
http://freebsdforall.blogspot.com/