BSDstats Project v2.0 ...
Paul Schmehl
pauls at utdallas.edu
Wed Aug 9 16:02:05 UTC 2006
Igor Robul wrote:
>>
>> The only down side is it still can be faked, just like everything else.
> IP from which connection is made cannot be faked, at least I dont know
> how to fake it. So there is at least one "unfakable" part of key. But
> there is no real need to keep real IP in database, for privacy reasons
> it is better to keep one-way hash in database.
>
We're using PAT. That means that, when I use a private host to access
the internet, I could be on any one of a number of IP addresses.
However, I was assuming that Marc is using the IP reported by ifconfig,
which *should* be unique for each host, as opposed to the IP that
connects to him, which could represent literally thousands of hosts in
some cases.
--
Paul Schmehl (pauls at utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5268 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20060809/ebf7339b/smime.bin
More information about the freebsd-questions
mailing list