BSDstats Project v2.0 ...
youshi10 at u.washington.edu
Wed Aug 9 07:08:50 UTC 2006
On Aug 8, 2006, at 5:30 PM, Marc G. Fournier wrote:
> On Wed, 9 Aug 2006, Antony Mawer wrote:
>> On 9/08/2006 9:16 AM, Marc G. Fournier wrote:
>>>> Can you tell me exactly what you do with those two pieces of
>>>> data? Is there any way that information would be accessible
>>>> from the internet?
>>> Absolutely nothing else we do with it ... it just gives us a
>>> unique key to work with ... in fact, assuming each of your
>>> servers use a different IP, there is no reason you couldn't do
>>> the uname trick above to hide the hostname ...
>>> Unless someone breaks into the server, or database, somehow, the
>>> data isn't accessible ...
>> What if we improved upon this - if instead of storing the hostname
>> and IP address, we stored a one-way hash of this information?
>> OpenSSH in recent versions takes the same approach with its
>> authorized_keys files...
> Could create problems long term .. one thing I will be using the
> IPs to do is:
> SELECT ip, count(1) FROM systems GROUP BY ip ORDER BY count DESC;
> to look for any 'abnormalities' like todays with Armenia ...
> hashing it would make stuff like that fairly difficult ...
> Marc G. Fournier Hub.Org Networking Services (http://
> Email . scrappy at hub.org MSN .
> scrappy at hub.org
> Yahoo . yscrappy Skype: hub.org ICQ . 7615664
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-questions-
> unsubscribe at freebsd.org"
Yes, that's true particularly if the server's were all the same
hardware type and the software was compiled at the same time. Maybe
my CPUID suggestion would come in handy?
Also, maybe that person from Armenia installed the script in a
distribution that's included in a virtual image (vmware comes to
mind), and he's loading it on a bunch of different machines behind a
(virtual) NAT or something... just a thought to consider.
More information about the freebsd-questions