Nikolas Britton wrote:
> Ok... With my new script it took only 158 minutes to compute ALL
> TCP/IP address hashes. I'll repeat that... I have an md5 hash for
> every IP address in the world! All I need to do is grep your hash and
> it will tell me your IP address. yippee! :-)
> 
> Can we please find a new method to track hosts... perhaps my earlier
> example: ifconfig |md5. If not please remove my entries in the
> database.

How about the attached diff.  As discussed else-thread, this generates
a random ID 128bit token -- the chances of any two hosts generating the
same token are so minuscule as to be negligible.  The token is cached in
a file /var/db/bsdstats for re-use in later months.

This also adds the capability for the paranoid to withhold the hostname
of the machine, and it removes what looks like a forgotten bit of debugging
code that would mean Marc would get quite a lot of e-mail each month...

I believe the default for CGI scripts is to ignore any extra parameters
that they weren't programmed to expect[1], so this should even be compatible
with the current bsdstats stuff.  

        Cheers,

        Matthew

[1] No one would seriously contemplate running PHP with 'register_globals'
enabled in this day and age would they?

-- 
Dr Matthew J Seaman MA, D.Phil.                       7 Priory Courtyard
                                                      Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey         Ramsgate
                                                      Kent, CT11 9PW
--- /usr/ports/sysutils/bsdstats/files/300.statistics   Thu Aug 10 10:58:00 2006
+++ 300.statistics      Fri Aug 11 12:56:54 2006
@@ -5,7 +5,6 @@
 
 # If there is a global system configuration file, suck it in.
 #
-monthly_statistics_mailto="[EMAIL PROTECTED],root"
 if [ -r /etc/defaults/periodic.conf ]
 then
     . /etc/defaults/periodic.conf
@@ -37,22 +36,50 @@
     /usr/bin/fetch -qo /dev/null "http://$checkin_server/scripts/$1";
 }
 
-checkin_server="bsdstats.hub.org";
+get_id_token () {
+    if [ -f $id_token_file ] ;
+    then
+       . $id_token_file
+    else
+       IDTOKEN=$( openssl rand -base64 16 )
+       touch $id_token_file                             && \
+           chown root:wheel $id_token_file              && \
+           chmod 600 $id_token_file                     && \
+           echo "IDTOKEN='$IDTOKEN'" > $id_token_file
+    fi
+    IDTOKEN=$( uri_escape $IDTOKEN )
+}
+
+checkin_server='bsdstats.hub.org'
+id_token_file='/var/db/bsdstats'
+
+# Send hostname to the stats server? Default yes -- set to "NO"
+# in periodic.conf if desired.
+
+monthly_statistics_reveal_hostname=${monthly_statisics_reveal_hostname-"YES"}
 
 case "$monthly_statistics_enable" in
     [Yy][Ee][Ss])
-      HN=`/bin/hostname`
+      get_id_token
+      case "$monthly_statistics_reveal_hostname" in
+         [Yy][Ee][Ss])
+         HN=`/bin/hostname`
+         ;;
+         *)
+         HN='(no-hostname)'
+         ;;
+      esac
       SYS=`/usr/bin/uname -r`
       ARCH=`/usr/bin/uname -m`
       OS=`/usr/bin/uname -s`
-      do_fetch getid.php?hn=$HN\&sys=$SYS\&arch=$ARCH\&opsys=$OS
+      do_fetch getid.php?id=$IDTOKEN\&hn=$HN\&sys=$SYS\&arch=$ARCH\&opsys=$OS
       echo "Posting monthly OS statistics to $checkin_server"
       case "$monthly_statistics_report_devices" in
          [Yy][Ee][Ss])
 IFS="
 "
            
-            do_fetch clear_devices.php?hn=$HN
+            do_fetch clear_devices.php?id=$IDTOKEN\&hn=$HN
             for line in `/usr/sbin/pciconf -l | /usr/bin/grep -v none`
             do
                 DRIVER=`echo $line | awk -F\@ '{print $1}'`
@@ -60,7 +87,7 @@
                 DEV=`echo $line | awk '{print $4}' | cut -c8-11`
                 CLASS=`echo $line | awk '{print $2}' | cut -c9-10`
                 SUBCLASS=`echo $line | awk '{print $2}' | cut -c11-14`
-                do_fetch 
report_device.php?driver=$DRIVER\&vendor=$VEN\&device=$DEV\&class=$CLASS\&subclass=$SUBCLASS\&hn=$HN
+                do_fetch 
report_device.php?id=$IDTOKEN\&driver=$DRIVER\&vendor=$VEN\&device=$DEV\&class=$CLASS\&subclass=$SUBCLASS\&hn=$HN
             done
             echo "Posting monthly device statistics to $checkin_server"
 
@@ -69,10 +96,10 @@
             DEV=$( uri_escape $( echo $line | cut -d ' ' -f 2- ) )
             n=0
             count=$( sysctl -n hw.ncpu )
-            do_fetch clear_cpu.php?hn=$HN
+            do_fetch clear_cpu.php?id=$IDTOKEN\&hn=$HN
             while [ $n -lt $count ]
             do
-                do_fetch 
report_cpu.php?cpu_id=CPU$n\&vendor=$VEN\&cpu_type=$DEV\&hn=$HN
+                do_fetch 
report_cpu.php?id=$IDTOKEN\&cpu_id=CPU$n\&vendor=$VEN\&cpu_type=$DEV\&hn=$HN
                 n=$(( $n + 1 ))
             done
             echo "Posting monthly CPU statistics to $checkin_server"

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to