Marc G. Fournier wrote:
The systems I'm concerned about are on private IP space, to not send email and don't have X installed, much less a web browser and can only access certain FreeBSD sites to update ports. In fact, they're not even accessible from *inside* our network except from certain hosts. In order to successfully run the stats script on these hosts, I would have to open a hole in the firewall to bsdstats.hub.org on the correct port.On Wed, 9 Aug 2006, Igor Robul wrote:On Tue, Aug 08, 2006 at 09:30:42PM -0300, Marc G. Fournier wrote:Could create problems long term .. one thing I will be using the IPs to do is: SELECT ip, count(1) FROM systems GROUP BY ip ORDER BY count DESC; to look for any 'abnormalities' like todays with Armenia ... hashing it would make stuff like that fairly difficult ...You can make _two_ hashes and then concatenate to form unique key. Then you still be able to see "a lot of single IPs". Personaly, I dont care very much about IP/hostname disclosure :-)Except that you are disclosing that each and every time you send out an email, or hit a web site ... :)
And yes, I *am* paranoid. But if you really want *all* statistics you can get, then you'll have to deal with us paranoid types. My workstation, which is on a public IP, is already registered.
Regardless, though ... what do ppl suggest here? Simple 'md5' hash?
I think md5 is fine. SHA256 would probably be better. :-) -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/
smime.p7s
Description: S/MIME Cryptographic Signature