Gotta start somewhere ... how many of us are really out there?
Nikolas Britton
nikolas.britton at gmail.com
Wed Aug 2 17:47:39 UTC 2006
On 8/2/06, Alex Zbyslaw <xfb52 at dial.pipex.com> wrote:
> Atom Powers wrote:
>
> >
> > It's still going to take you at least a release to get it into the
> > base install. But if you can find a way to use the portsnap data and
> > get useful information out of the cvsup data you can probably get
> > numbers now with an error margin as low as 8% to 15%.
>
> Hey, I said that a week ago! Guess I agree with you :-)
>
> Not quite convinced by the error margin, but as long as you count too
> low then I see no problem. If, as Nikolas pointed out, a URL-based
> reporting scheme can be bombarded with fakes, as a vendor I would not
> want to listen to any numbers it produced.
>
> But the question then goes back to: can you make any kind of count out
> of cvsup servers? Someone already said they thought you couldn't.
>
> At the end of the day, I think that unique IP address is as close as
> it's possible to get to host count. It will undercount NATed hosts and
> networks with single cvsup/portsnap distribution points, and will
> overcount variable IP addresses. The latter, I think matters the least
> as long as you do your stats over a short enough period (e.g. 1 month).
> That wouldn't overcount much and deliberate faking would be hard and
> limited (how many IP addresses can one faker get access to?).
>
> Then, as long as the methodology is clearly explained along with any
> stats, you'd have the ammunition to persuade vendors (we hope).
>
> --Alex
>
The problem with cvsup (I use cvsup.) is the error margin. The closer
we get to release dates the more I use cvsup, It's a side effect of
running -STABLE. anyways... back to the fakers...
Lets think about the usage patterns of a "typical" faker vs NAT:
Faker:
* All from one IP address.
* Sequential requests.
* Scripted, so each request should be timed perfectly with the one
before and the one after it.
* Thousands of requests.
NATed Boxes:
* All from one IP address.
* Parallel requests.
* Not scripted, requests should be more random.
* Hundreds of requests?
Also I seem to remember a way to detect NATed boxes:
http://www.google.com/search?client=opera&rls=en&q=detecting+NAT&sourceid=opera&ie=utf-8&oe=utf-8
--
BSD Podcasts @:
http://bsdtalk.blogspot.com/
http://freebsdforall.blogspot.com/
More information about the freebsd-questions
mailing list