Date: Fri, 11 Aug 2006 13:06:57 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Nikolas Britton <nikolas.britton@gmail.com> Cc: Paul Schmehl <pauls@utdallas.edu>, "Marc G. Fournier" <scrappy@freebsd.org>, freebsd-questions@freebsd.org Subject: Re: BSDstats Project v2.0 ... Message-ID: <44DC72E1.6020306@infracaninophile.co.uk> In-Reply-To: <ef10de9a0608110342q62f81fc8p5fb4b4df37595593@mail.gmail.com> References: <20060807003815.C7522@ganymede.hub.org> <20060808201359.S7522@ganymede.hub.org> <44D91F02.90107@mawer.org> <20060808212719.L7522@ganymede.hub.org> <20060809072313.GA19441@sysadm.stc> <20060809055245.J7522@ganymede.hub.org> <44D9F9C4.4050406@utdallas.edu> <20060809130354.U7522@ganymede.hub.org> <ef10de9a0608091700x6cc268ear6566c26f93f1fdf0@mail.gmail.com> <ef10de9a0608100327r5b402d64xc4eef38a4f61ba4e@mail.gmail.com> <ef10de9a0608110342q62f81fc8p5fb4b4df37595593@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig074A659739040F68FF3F126D
Content-Type: multipart/mixed; boundary="------------040407040206020807060706"
This is a multi-part message in MIME format.
--------------040407040206020807060706
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: quoted-printable
Nikolas Britton wrote:
> Ok... With my new script it took only 158 minutes to compute ALL
> TCP/IP address hashes. I'll repeat that... I have an md5 hash for
> every IP address in the world! All I need to do is grep your hash and
> it will tell me your IP address. yippee! :-)
>=20
> Can we please find a new method to track hosts... perhaps my earlier
> example: ifconfig |md5. If not please remove my entries in the
> database.
How about the attached diff. As discussed else-thread, this generates
a random ID 128bit token -- the chances of any two hosts generating the
same token are so minuscule as to be negligible. The token is cached in
a file /var/db/bsdstats for re-use in later months.
This also adds the capability for the paranoid to withhold the hostname
of the machine, and it removes what looks like a forgotten bit of debuggi=
ng
code that would mean Marc would get quite a lot of e-mail each month...
I believe the default for CGI scripts is to ignore any extra parameters
that they weren't programmed to expect[1], so this should even be compati=
ble
with the current bsdstats stuff. =20
Cheers,
Matthew
[1] No one would seriously contemplate running PHP with 'register_globals=
'
enabled in this day and age would they?
--=20
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW
--------------040407040206020807060706
Content-Type: text/plain;
name="300.statistics.diff"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline;
filename="300.statistics.diff"
--- /usr/ports/sysutils/bsdstats/files/300.statistics Thu Aug 10 10:58:00=
2006
+++ 300.statistics Fri Aug 11 12:56:54 2006
@@ -5,7 +5,6 @@
=20
# If there is a global system configuration file, suck it in.
#
-monthly_statistics_mailto=3D"scrappy@hub.org,root"
if [ -r /etc/defaults/periodic.conf ]
then
. /etc/defaults/periodic.conf
@@ -37,22 +36,50 @@
/usr/bin/fetch -qo /dev/null "http://$checkin_server/scripts/$1"
}
=20
-checkin_server=3D"bsdstats.hub.org";
+get_id_token () {
+ if [ -f $id_token_file ] ;
+ then
+ . $id_token_file
+ else
+ IDTOKEN=3D$( openssl rand -base64 16 )
+ touch $id_token_file && \
+ chown root:wheel $id_token_file && \
+ chmod 600 $id_token_file && \
+ echo "IDTOKEN=3D'$IDTOKEN'" > $id_token_file
+ fi
+ IDTOKEN=3D$( uri_escape $IDTOKEN )
+}
+
+checkin_server=3D'bsdstats.hub.org'
+id_token_file=3D'/var/db/bsdstats'
+
+# Send hostname to the stats server? Default yes -- set to "NO"
+# in periodic.conf if desired.
+
+monthly_statistics_reveal_hostname=3D${monthly_statisics_reveal_hostname=
-"YES"}
=20
case "$monthly_statistics_enable" in
[Yy][Ee][Ss])
- HN=3D`/bin/hostname`
+ get_id_token
+ case "$monthly_statistics_reveal_hostname" in
+ [Yy][Ee][Ss])
+ HN=3D`/bin/hostname`
+ ;;
+ *)
+ HN=3D'(no-hostname)'
+ ;;
+ esac
SYS=3D`/usr/bin/uname -r`
ARCH=3D`/usr/bin/uname -m`
OS=3D`/usr/bin/uname -s`
- do_fetch getid.php?hn=3D$HN\&sys=3D$SYS\&arch=3D$ARCH\&opsys=3D$OS=
+ do_fetch getid.php?id=3D$IDTOKEN\&hn=3D$HN\&sys=3D$SYS\&arch=3D$AR=
CH\&opsys=3D$OS
echo "Posting monthly OS statistics to $checkin_server"
case "$monthly_statistics_report_devices" in
[Yy][Ee][Ss])
IFS=3D"
"
=20
- do_fetch clear_devices.php?hn=3D$HN
+ do_fetch clear_devices.php?id=3D$IDTOKEN\&hn=3D$HN
for line in `/usr/sbin/pciconf -l | /usr/bin/grep -v none`
do
DRIVER=3D`echo $line | awk -F\@ '{print $1}'`
@@ -60,7 +87,7 @@
DEV=3D`echo $line | awk '{print $4}' | cut -c8-11`
CLASS=3D`echo $line | awk '{print $2}' | cut -c9-10`
SUBCLASS=3D`echo $line | awk '{print $2}' | cut -c11-14`=
- do_fetch report_device.php?driver=3D$DRIVER\&vendor=3D$V=
EN\&device=3D$DEV\&class=3D$CLASS\&subclass=3D$SUBCLASS\&hn=3D$HN
+ do_fetch report_device.php?id=3D$IDTOKEN\&driver=3D$DRIV=
ER\&vendor=3D$VEN\&device=3D$DEV\&class=3D$CLASS\&subclass=3D$SUBCLASS\&h=
n=3D$HN
done
echo "Posting monthly device statistics to $checkin_server"
=20
@@ -69,10 +96,10 @@
DEV=3D$( uri_escape $( echo $line | cut -d ' ' -f 2- ) )
n=3D0
count=3D$( sysctl -n hw.ncpu )
- do_fetch clear_cpu.php?hn=3D$HN
+ do_fetch clear_cpu.php?id=3D$IDTOKEN\&hn=3D$HN
while [ $n -lt $count ]
do
- do_fetch report_cpu.php?cpu_id=3DCPU$n\&vendor=3D$VEN\&c=
pu_type=3D$DEV\&hn=3D$HN
+ do_fetch report_cpu.php?id=3D$IDTOKEN\&cpu_id=3DCPU$n\&v=
endor=3D$VEN\&cpu_type=3D$DEV\&hn=3D$HN
n=3D$(( $n + 1 ))
done
echo "Posting monthly CPU statistics to $checkin_server"
--------------040407040206020807060706--
--------------enig074A659739040F68FF3F126D
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFE3HLs8Mjk52CukIwRCEsJAJ4sl0SuaJbcbgDdtCo4PJ9RDTOE4QCfQya0
DtLGerxcBUTUY+kS0w5J+D0=
=KVBB
-----END PGP SIGNATURE-----
--------------enig074A659739040F68FF3F126D--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44DC72E1.6020306>