--On August 9, 2006 9:32:18 AM +1000 Antony Mawer
<[EMAIL PROTECTED]> wrote:
On 9/08/2006 9:16 AM, Marc G. Fournier wrote:
Can you tell me exactly what you do with those two pieces of data? Is
there any way that information would be accessible from the internet?
Absolutely nothing else we do with it ... it just gives us a unique key
to work with ... in fact, assuming each of your servers use a different
IP, there is no reason you couldn't do the uname trick above to hide
the hostname ...
Unless someone breaks into the server, or database, somehow, the data
isn't accessible ...
What if we improved upon this - if instead of storing the hostname and
IP address, we stored a one-way hash of this information? OpenSSH in
recent versions takes the same approach with its authorized_keys files...
I like that idea. I'm ready to submit my workstation, but I'm still a bit
hesitant about some servers I admin....A one way hash would alleviate my
concerns.
Paul Schmehl ([EMAIL PROTECTED])
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
