fauxident | |||||
---|---|---|---|---|---|
SummaryA simple, faked ident daemon. Overviewfauxident is a small Python script that will act as an extremely naive ident server, answering all ident requests with a consistent response -- either an ERROR or a USERID response. This can be advantageous on systems where running a true identd is unavailable, where it would be a security risk, or when masquerading firewalls are in use, where multiple machines are involved behind the firewall and running a proper ident system is not an option. Getting the softwareThe current version of fauxident is 1.2.1. The latest version of the software is available in a tarball here: http://www.alcyone.com/software/fauxident/fauxident-latest.tar.gz. The official URL for this Web site is http://www.alcyone.com/software/fauxident/. Requirementsfauxident requires Python 2.x or greater and a Unix or Unix-like operating system. LicenseThis code is released under the GPL. IntroductionAn ident server is intended to get information on correlations between client and server ports on a machine, and connect them to the user involved with using it. ident is used implicitly by some other services; for instance, many IRC servers check for ident responses from connecting clients, and some in fact will reject clients which do not have an ident server running. The intent of this program is to allow users who cannot otherwise run identd servers (either for security or network topology reasons) to set up something that will respond, albeit trivially, with an ident response. Note that the server does understand the ident protocol enough to be able to detect, and response with the proper error messages to, malformed queries. The fauxident.py program should be run from the command line. By default it will act as a daemon. Also, since it binds to port 113 by default, root access is required. Any server that is already bound to port 113, of course, will prevent fauxident.py from running. InvocationThe following command line options alter the behavior of the program as follows:
Sample usage By default the server will start in the background and bind to the
standard port and respond to all queries as if the port pair were
owned by the user ./fauxident.py An alternate interface and/or port can be chosen: ./fauxident.py -a 10.0.0.1 -p 8113 Different realms and user names can be chosen. For instance, to
have the server respond as ./fauxident.py -r OTHER -u nobody Multiple names can be specified, separated by commas (with no intervening spaces), and one will be selected randomly each time: ./fauxident.py -u larry,curly,moe The -m option can be include which causes the user to be randomly permuted (the letters shuffled) each time the name is generated (but before the suffix, if any, is appended): ./fauxident.py -u noname -m Additionally, the -s option can be used to specify a suffixed random number (padded with zeroes) of the given length in each response: ./fauxident.py -u resu -s 4 This last example will respond each time with a different
randomized name with a four-digit suffixed random number, e.g.,
One can also configure the server to always respond with errors: ./fauxident.py -N ./fauxident.py -H Wish list
References
Release history
AuthorThis module was written by Erik Max Francis. If you use this software, have suggestions for future releases, or bug reports, I'd love to hear about it. VersionVersion 1.2.1 $Date: 2003/10/21 $ $Author: max $
|