BSDstats Project v2.0 ...

Wed Aug 9 15:05:16 UTC 2006

Marc G. Fournier wrote:
> On Wed, 9 Aug 2006, Igor Robul wrote:
> 
>> On Tue, Aug 08, 2006 at 09:30:42PM -0300, Marc G. Fournier wrote:
>>> Could create problems long term .. one thing I will be using the
>>> IPs to do is:
>>>
>>> SELECT ip, count(1) FROM systems GROUP BY ip ORDER BY count DESC;
>>>
>>> to look for any 'abnormalities' like todays with Armenia ...
>>>
>>> hashing it would make stuff like that fairly difficult ...
>> You can make _two_ hashes and then concatenate to form unique key.
>> Then you still be able to see "a lot of single IPs". Personaly, I dont
>> care very much about IP/hostname disclosure :-)
> 
> Except that you are disclosing that each and every time you send out an 
> email, or hit a web site ... :)
> 
The systems I'm concerned about are on private IP space, to not send 
email and don't have X installed, much less a web browser and can only 
access certain FreeBSD sites to update ports.  In fact, they're not even 
accessible from *inside* our network except from certain hosts.  In 
order to successfully run the stats script on these hosts, I would have 
to open a hole in the firewall to bsdstats.hub.org on the correct port.

And yes, I *am* paranoid.  But if you really want *all* statistics you 
can get, then you'll have to deal with us paranoid types.  My 
workstation, which is on a public IP, is already registered.

> Regardless, though ... what do ppl suggest here?  Simple 'md5' hash?

I think md5 is fine.  SHA256 would probably be better.  :-)

-- 
Paul Schmehl (pauls at utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5268 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20060809/16e1994d/smime.bin