On Aug 8, 2006, at 5:30 PM, Marc G. Fournier wrote:
On Wed, 9 Aug 2006, Antony Mawer wrote:
On 9/08/2006 9:16 AM, Marc G. Fournier wrote:
Can you tell me exactly what you do with those two pieces of
data? Is there any way that information would be accessible
from the internet?
Absolutely nothing else we do with it ... it just gives us a
unique key to work with ... in fact, assuming each of your
servers use a different IP, there is no reason you couldn't do
the uname trick above to hide the hostname ...
Unless someone breaks into the server, or database, somehow, the
data isn't accessible ...
What if we improved upon this - if instead of storing the hostname
and IP address, we stored a one-way hash of this information?
OpenSSH in recent versions takes the same approach with its
authorized_keys files...
Could create problems long term .. one thing I will be using the
IPs to do is:
SELECT ip, count(1) FROM systems GROUP BY ip ORDER BY count DESC;
to look for any 'abnormalities' like todays with Armenia ...
hashing it would make stuff like that fairly difficult ...
----
Marc G. Fournier Hub.Org Networking Services (http://
www.hub.org)
Email . [EMAIL PROTECTED] MSN .
[EMAIL PROTECTED]
Yahoo . yscrappy Skype: hub.org ICQ . 7615664
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-
[EMAIL PROTECTED]"
Yes, that's true particularly if the server's were all the same
hardware type and the software was compiled at the same time. Maybe
my CPUID suggestion would come in handy?
Also, maybe that person from Armenia installed the script in a
distribution that's included in a virtual image (vmware comes to
mind), and he's loading it on a bunch of different machines behind a
(virtual) NAT or something... just a thought to consider.
-Garrett
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
