From owner-freebsd-questions@FreeBSD.ORG Wed Aug 9 03:45:51 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4024916A4EB; Wed, 9 Aug 2006 03:45:51 +0000 (UTC) (envelope-from pauls@utdallas.edu) Received: from mail.stovebolt.com (mail.stovebolt.com [66.221.101.248]) by mx1.FreeBSD.org (Postfix) with ESMTP id DB1DA43D46; Wed, 9 Aug 2006 03:45:50 +0000 (GMT) (envelope-from pauls@utdallas.edu) Received: from [192.168.2.102] (adsl-68-93-60-54.dsl.rcsntx.swbell.net [68.93.60.54]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.stovebolt.com (Postfix) with ESMTP id 59EC3114313; Tue, 8 Aug 2006 22:44:02 -0500 (CDT) Date: Tue, 08 Aug 2006 22:45:48 -0500 From: pauls@utdallas.edu To: Antony Mawer , "Marc G. Fournier" Message-ID: <18983F75ECCB22D9B189A989@paul-schmehls-powerbook59.local> In-Reply-To: <44D91F02.90107@mawer.org> References: <20060807003815.C7522@ganymede.hub.org> <20060808102819.GB64879@augusta.de> <20060808153921.V7522@ganymede.hub.org> <44D8EC98.8020801@utdallas.edu> <20060808201359.S7522@ganymede.hub.org> <44D91F02.90107@mawer.org> X-Mailer: Mulberry/4.0.0 (Mac OS X) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=sha1; protocol="application/pkcs7-signature"; boundary="==========D9F3C10BFDD193C3689A==========" X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: BSDstats Project v2.0 ... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Aug 2006 03:45:51 -0000 --==========D9F3C10BFDD193C3689A========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline --On August 9, 2006 9:32:18 AM +1000 Antony Mawer=20 wrote: > On 9/08/2006 9:16 AM, Marc G. Fournier wrote: >>> Can you tell me exactly what you do with those two pieces of data? Is >>> there any way that information would be accessible from the internet? >> >> Absolutely nothing else we do with it ... it just gives us a unique key >> to work with ... in fact, assuming each of your servers use a different >> IP, there is no reason you couldn't do the uname trick above to hide >> the hostname ... >> >> Unless someone breaks into the server, or database, somehow, the data >> isn't accessible ... > > What if we improved upon this - if instead of storing the hostname and > IP address, we stored a one-way hash of this information? OpenSSH in > recent versions takes the same approach with its authorized_keys = files... > I like that idea. I'm ready to submit my workstation, but I'm still a bit = hesitant about some servers I admin....A one way hash would alleviate my=20 concerns. Paul Schmehl (pauls@utdallas.edu) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ --==========D9F3C10BFDD193C3689A==========--