On Wed, 9 Aug 2006, Paul Schmehl wrote:

Igor Robul wrote:

The only down side is it still can be faked, just like everything else.
IP from which connection is made cannot be  faked, at least I dont know
how to fake it. So there is at least one "unfakable" part of key. But
there is no real need to keep real IP in database, for privacy reasons
it is better to keep one-way hash in database.

We're using PAT. That means that, when I use a private host to access the internet, I could be on any one of a number of IP addresses. However, I was assuming that Marc is using the IP reported by ifconfig, which *should* be unique for each host, as opposed to the IP that connects to him, which could represent literally thousands of hosts in some cases.

ifconfig most definitely wouldn't be unique for each host ... ifconfig on my machines here would show 192.168.1.2 and 192.168.1.99 ... I have no idea how many, but I imagine there are *alot* of hosts behind a NAT, or router, that would show those same numbers ...

The uniqueness is a combination of IP+hostname ... again, as one pointed out with PCBSD, this isn't always necessarily the case, but, IMHO, that is a flaw of PCBSD having all hosts on the same network using the same hostname ...

----
Marc G. Fournier           Hub.Org Networking Services (http://www.hub.org)
Email . [EMAIL PROTECTED]                              MSN . [EMAIL PROTECTED]
Yahoo . yscrappy               Skype: hub.org        ICQ . 7615664
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to