Correction: as one will end up getting a new ID (the second one to reuse the same token).
On Tue, May 12, 2015 at 1:24 PM, Scott Griepentrog <sgriepent...@digium.com> wrote: > So as opposed to spoofing, there is also the case that someone having a > copy of Asteirsk in a virtual machine clones it, and ends up with two > instances reporting the same random ID. With the spoofing detection > mechanism (using tokens to get an ID from the server), the effect of this > case is minimized as each one will end up getting a new ID after token > timeout. > > > On Tue, May 12, 2015 at 12:59 PM, Tzafrir Cohen <tzafrir.co...@xorcom.com> > wrote: > >> Quoting the spec: >> >> | Spoofing >> | >> | In order to limit spoofing, the server will return a token for all >> | accepted requests to a server. Any subsequent requests to that resource >> | must present the token in the request. If a subsequent request fails to >> | provide the token, the request is rejected. Tokens expire after 48 >> | hours, at which point, a request does not have to provide a token. If a >> | request does provide a token that is expired - and no token is required >> | at that point - the request should be accepted and a new token granted. >> | Once a request is made without a token (and no token is expected), a new >> | token is issued for subsequent requests. >> | >> | So long as Asterisk's transmission of data occurs faster than once every >> | 48 hours, a malicious entity will not be able to spoof a resource. If a >> | system is down then a remote system can 'take over' a system, and the >> | legitimate system's attempts will be rejected. If that occurs... oh >> | well. It is anonymous data. >> >> I'm not sure I understand the need for the token. The Debian >> popularity-contest (popcon, [1]) only identifies systems by a single >> random token (MY_HOSTID in /etc/popularity-contest.conf). It supports >> sending information by mail as well (thus: completely >> non-interactively). I don't see what the extra temporary token buys >> here. >> >> Just send a report that includes the (random) server ID. Nobody should >> be able to copy those (as they are only sent encrypted over the >> internet). And in any event, why would anybody want to spoof that (as >> opposed to merely add records to skew the stats, which is possible >> either way just as easily). >> >> What am I missing here? >> >> [1] https://packages.debian.org/sid/popularity-contest >> >> -- >> Tzafrir Cohen >> icq#16849755 jabber:tzafrir.co...@xorcom.com >> +972-50-7952406 mailto:tzafrir.co...@xorcom.com >> http://www.xorcom.com >> >> -- >> _____________________________________________________________________ >> -- Bandwidth and Colocation Provided by http://www.api-digital.com -- >> >> asterisk-dev mailing list >> To UNSUBSCRIBE or update options visit: >> http://lists.digium.com/mailman/listinfo/asterisk-dev >> > > > > -- > [image: Digium logo] > Scott Griepentrog > Digium, Inc · Software Developer > 445 Jan Davis Drive NW · Huntsville, AL 35806 · US > direct/fax: +1 256 428 6239 · mobile: +1 256 580 6090 > Check us out at: http://digium.com · http://asterisk.org > -- [image: Digium logo] Scott Griepentrog Digium, Inc · Software Developer 445 Jan Davis Drive NW · Huntsville, AL 35806 · US direct/fax: +1 256 428 6239 · mobile: +1 256 580 6090 Check us out at: http://digium.com · http://asterisk.org
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-dev mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev
