Nikolas Britton wrote: > Ok... With my new script it took only 158 minutes to compute ALL > TCP/IP address hashes. I'll repeat that... I have an md5 hash for > every IP address in the world! All I need to do is grep your hash and > it will tell me your IP address. yippee! :-) > > Can we please find a new method to track hosts... perhaps my earlier > example: ifconfig |md5. If not please remove my entries in the > database.
How about the attached diff. As discussed else-thread, this generates
a random ID 128bit token -- the chances of any two hosts generating the
same token are so minuscule as to be negligible. The token is cached in
a file /var/db/bsdstats for re-use in later months.
This also adds the capability for the paranoid to withhold the hostname
of the machine, and it removes what looks like a forgotten bit of debugging
code that would mean Marc would get quite a lot of e-mail each month...
I believe the default for CGI scripts is to ignore any extra parameters
that they weren't programmed to expect[1], so this should even be compatible
with the current bsdstats stuff.
Cheers,
Matthew
[1] No one would seriously contemplate running PHP with 'register_globals'
enabled in this day and age would they?
--
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW
--- /usr/ports/sysutils/bsdstats/files/300.statistics Thu Aug 10 10:58:00 2006
+++ 300.statistics Fri Aug 11 12:56:54 2006
@@ -5,7 +5,6 @@
# If there is a global system configuration file, suck it in.
#
-monthly_statistics_mailto="[EMAIL PROTECTED],root"
if [ -r /etc/defaults/periodic.conf ]
then
. /etc/defaults/periodic.conf
@@ -37,22 +36,50 @@
/usr/bin/fetch -qo /dev/null "http://$checkin_server/scripts/$1";
}
-checkin_server="bsdstats.hub.org";
+get_id_token () {
+ if [ -f $id_token_file ] ;
+ then
+ . $id_token_file
+ else
+ IDTOKEN=$( openssl rand -base64 16 )
+ touch $id_token_file && \
+ chown root:wheel $id_token_file && \
+ chmod 600 $id_token_file && \
+ echo "IDTOKEN='$IDTOKEN'" > $id_token_file
+ fi
+ IDTOKEN=$( uri_escape $IDTOKEN )
+}
+
+checkin_server='bsdstats.hub.org'
+id_token_file='/var/db/bsdstats'
+
+# Send hostname to the stats server? Default yes -- set to "NO"
+# in periodic.conf if desired.
+
+monthly_statistics_reveal_hostname=${monthly_statisics_reveal_hostname-"YES"}
case "$monthly_statistics_enable" in
[Yy][Ee][Ss])
- HN=`/bin/hostname`
+ get_id_token
+ case "$monthly_statistics_reveal_hostname" in
+ [Yy][Ee][Ss])
+ HN=`/bin/hostname`
+ ;;
+ *)
+ HN='(no-hostname)'
+ ;;
+ esac
SYS=`/usr/bin/uname -r`
ARCH=`/usr/bin/uname -m`
OS=`/usr/bin/uname -s`
- do_fetch getid.php?hn=$HN\&sys=$SYS\&arch=$ARCH\&opsys=$OS
+ do_fetch getid.php?id=$IDTOKEN\&hn=$HN\&sys=$SYS\&arch=$ARCH\&opsys=$OS
echo "Posting monthly OS statistics to $checkin_server"
case "$monthly_statistics_report_devices" in
[Yy][Ee][Ss])
IFS="
"
- do_fetch clear_devices.php?hn=$HN
+ do_fetch clear_devices.php?id=$IDTOKEN\&hn=$HN
for line in `/usr/sbin/pciconf -l | /usr/bin/grep -v none`
do
DRIVER=`echo $line | awk -F\@ '{print $1}'`
@@ -60,7 +87,7 @@
DEV=`echo $line | awk '{print $4}' | cut -c8-11`
CLASS=`echo $line | awk '{print $2}' | cut -c9-10`
SUBCLASS=`echo $line | awk '{print $2}' | cut -c11-14`
- do_fetch
report_device.php?driver=$DRIVER\&vendor=$VEN\&device=$DEV\&class=$CLASS\&subclass=$SUBCLASS\&hn=$HN
+ do_fetch
report_device.php?id=$IDTOKEN\&driver=$DRIVER\&vendor=$VEN\&device=$DEV\&class=$CLASS\&subclass=$SUBCLASS\&hn=$HN
done
echo "Posting monthly device statistics to $checkin_server"
@@ -69,10 +96,10 @@
DEV=$( uri_escape $( echo $line | cut -d ' ' -f 2- ) )
n=0
count=$( sysctl -n hw.ncpu )
- do_fetch clear_cpu.php?hn=$HN
+ do_fetch clear_cpu.php?id=$IDTOKEN\&hn=$HN
while [ $n -lt $count ]
do
- do_fetch
report_cpu.php?cpu_id=CPU$n\&vendor=$VEN\&cpu_type=$DEV\&hn=$HN
+ do_fetch
report_cpu.php?id=$IDTOKEN\&cpu_id=CPU$n\&vendor=$VEN\&cpu_type=$DEV\&hn=$HN
n=$(( $n + 1 ))
done
echo "Posting monthly CPU statistics to $checkin_server"
signature.asc
Description: OpenPGP digital signature
