[Dxspider-support] rcmd & sh/ver
Brian Stucker
me at kb2s.net
Tue Mar 7 08:32:28 GMT 2023
Food for thought:
Should anyone really be able to gather this sort of information using the
software itself? Seems like an excellent way for an attacker to quickly
find a node that is running a version of the software that they're
interested in exploiting. I suspect you're also going to run into GDPR
concerns as telemetry is still data, the node has personally
identifying information (a callsign), and I believe that would make you a
data processor.
Getting buy-in from spider nodes to send telemetry to a trusted location
would alleviate both concerns and keep the information away from someone
who wanted to use it for "planning" purposes.
73,
Brian - KB2S
On Tue, Mar 7, 2023 at 12:25 AM Kin via Dxspider-support <
dxspider-support at tobit.co.uk> wrote:
> Hi,
>
> I am trying to collect the actual information from the dxspider
> versions/builds.
>
> I have problems with coherence in the data obtained from two different
> nodes
> with sh/ver.
> My intention is to use rcmd to query the version of the nodes because I
> think it does not represent getting sensitive data from the node, but I
> believe the use of rcmd is limited to querying neighbouring nodes. I have
> tested by setting privilege > 0 on nodes that are not directly connected to
> me, if they don't respond. The question is: How can I query the spiders
> with
> rcmd XX0XXX sh/ver.
>
> Thanks.
>
> Kin EA3CV
>
>
>
> _______________________________________________
> Dxspider-support mailing list
> Dxspider-support at tobit.co.uk
> https://mailman.tobit.co.uk/mailman/listinfo/dxspider-support
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.tobit.co.uk/pipermail/dxspider-support/attachments/20230307/12fbbe1c/attachment.htm>
More information about the Dxspider-support
mailing list