Date: Fri, 11 Aug 2006 13:06:57 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Nikolas Britton <nikolas.britton@gmail.com> Cc: Paul Schmehl <pauls@utdallas.edu>, "Marc G. Fournier" <scrappy@freebsd.org>, freebsd-questions@freebsd.org Subject: Re: BSDstats Project v2.0 ... Message-ID: <44DC72E1.6020306@infracaninophile.co.uk> In-Reply-To: <ef10de9a0608110342q62f81fc8p5fb4b4df37595593@mail.gmail.com> References: <20060807003815.C7522@ganymede.hub.org> <20060808201359.S7522@ganymede.hub.org> <44D91F02.90107@mawer.org> <20060808212719.L7522@ganymede.hub.org> <20060809072313.GA19441@sysadm.stc> <20060809055245.J7522@ganymede.hub.org> <44D9F9C4.4050406@utdallas.edu> <20060809130354.U7522@ganymede.hub.org> <ef10de9a0608091700x6cc268ear6566c26f93f1fdf0@mail.gmail.com> <ef10de9a0608100327r5b402d64xc4eef38a4f61ba4e@mail.gmail.com> <ef10de9a0608110342q62f81fc8p5fb4b4df37595593@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig074A659739040F68FF3F126D Content-Type: multipart/mixed; boundary="------------040407040206020807060706" This is a multi-part message in MIME format. --------------040407040206020807060706 Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: quoted-printable Nikolas Britton wrote: > Ok... With my new script it took only 158 minutes to compute ALL > TCP/IP address hashes. I'll repeat that... I have an md5 hash for > every IP address in the world! All I need to do is grep your hash and > it will tell me your IP address. yippee! :-) >=20 > Can we please find a new method to track hosts... perhaps my earlier > example: ifconfig |md5. If not please remove my entries in the > database. How about the attached diff. As discussed else-thread, this generates a random ID 128bit token -- the chances of any two hosts generating the same token are so minuscule as to be negligible. The token is cached in a file /var/db/bsdstats for re-use in later months. This also adds the capability for the paranoid to withhold the hostname of the machine, and it removes what looks like a forgotten bit of debuggi= ng code that would mean Marc would get quite a lot of e-mail each month... I believe the default for CGI scripts is to ignore any extra parameters that they weren't programmed to expect[1], so this should even be compati= ble with the current bsdstats stuff. =20 Cheers, Matthew [1] No one would seriously contemplate running PHP with 'register_globals= ' enabled in this day and age would they? --=20 Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW --------------040407040206020807060706 Content-Type: text/plain; name="300.statistics.diff" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline; filename="300.statistics.diff" --- /usr/ports/sysutils/bsdstats/files/300.statistics Thu Aug 10 10:58:00= 2006 +++ 300.statistics Fri Aug 11 12:56:54 2006 @@ -5,7 +5,6 @@ =20 # If there is a global system configuration file, suck it in. # -monthly_statistics_mailto=3D"scrappy@hub.org,root" if [ -r /etc/defaults/periodic.conf ] then . /etc/defaults/periodic.conf @@ -37,22 +36,50 @@ /usr/bin/fetch -qo /dev/null "http://$checkin_server/scripts/$1" } =20 -checkin_server=3D"bsdstats.hub.org"; +get_id_token () { + if [ -f $id_token_file ] ; + then + . $id_token_file + else + IDTOKEN=3D$( openssl rand -base64 16 ) + touch $id_token_file && \ + chown root:wheel $id_token_file && \ + chmod 600 $id_token_file && \ + echo "IDTOKEN=3D'$IDTOKEN'" > $id_token_file + fi + IDTOKEN=3D$( uri_escape $IDTOKEN ) +} + +checkin_server=3D'bsdstats.hub.org' +id_token_file=3D'/var/db/bsdstats' + +# Send hostname to the stats server? Default yes -- set to "NO" +# in periodic.conf if desired. + +monthly_statistics_reveal_hostname=3D${monthly_statisics_reveal_hostname= -"YES"} =20 case "$monthly_statistics_enable" in [Yy][Ee][Ss]) - HN=3D`/bin/hostname` + get_id_token + case "$monthly_statistics_reveal_hostname" in + [Yy][Ee][Ss]) + HN=3D`/bin/hostname` + ;; + *) + HN=3D'(no-hostname)' + ;; + esac SYS=3D`/usr/bin/uname -r` ARCH=3D`/usr/bin/uname -m` OS=3D`/usr/bin/uname -s` - do_fetch getid.php?hn=3D$HN\&sys=3D$SYS\&arch=3D$ARCH\&opsys=3D$OS= + do_fetch getid.php?id=3D$IDTOKEN\&hn=3D$HN\&sys=3D$SYS\&arch=3D$AR= CH\&opsys=3D$OS echo "Posting monthly OS statistics to $checkin_server" case "$monthly_statistics_report_devices" in [Yy][Ee][Ss]) IFS=3D" " =20 - do_fetch clear_devices.php?hn=3D$HN + do_fetch clear_devices.php?id=3D$IDTOKEN\&hn=3D$HN for line in `/usr/sbin/pciconf -l | /usr/bin/grep -v none` do DRIVER=3D`echo $line | awk -F\@ '{print $1}'` @@ -60,7 +87,7 @@ DEV=3D`echo $line | awk '{print $4}' | cut -c8-11` CLASS=3D`echo $line | awk '{print $2}' | cut -c9-10` SUBCLASS=3D`echo $line | awk '{print $2}' | cut -c11-14`= - do_fetch report_device.php?driver=3D$DRIVER\&vendor=3D$V= EN\&device=3D$DEV\&class=3D$CLASS\&subclass=3D$SUBCLASS\&hn=3D$HN + do_fetch report_device.php?id=3D$IDTOKEN\&driver=3D$DRIV= ER\&vendor=3D$VEN\&device=3D$DEV\&class=3D$CLASS\&subclass=3D$SUBCLASS\&h= n=3D$HN done echo "Posting monthly device statistics to $checkin_server" =20 @@ -69,10 +96,10 @@ DEV=3D$( uri_escape $( echo $line | cut -d ' ' -f 2- ) ) n=3D0 count=3D$( sysctl -n hw.ncpu ) - do_fetch clear_cpu.php?hn=3D$HN + do_fetch clear_cpu.php?id=3D$IDTOKEN\&hn=3D$HN while [ $n -lt $count ] do - do_fetch report_cpu.php?cpu_id=3DCPU$n\&vendor=3D$VEN\&c= pu_type=3D$DEV\&hn=3D$HN + do_fetch report_cpu.php?id=3D$IDTOKEN\&cpu_id=3DCPU$n\&v= endor=3D$VEN\&cpu_type=3D$DEV\&hn=3D$HN n=3D$(( $n + 1 )) done echo "Posting monthly CPU statistics to $checkin_server" --------------040407040206020807060706-- --------------enig074A659739040F68FF3F126D Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFE3HLs8Mjk52CukIwRCEsJAJ4sl0SuaJbcbgDdtCo4PJ9RDTOE4QCfQya0 DtLGerxcBUTUY+kS0w5J+D0= =KVBB -----END PGP SIGNATURE----- --------------enig074A659739040F68FF3F126D--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44DC72E1.6020306>