[plug] Identd server that "hides" the user

James Bromberger james at rcpt.to
Tue Oct 19 10:44:57 WST 2010 

Hi Tim,

You could write one. As a Perl hacker, I'd look at:

http://search.cpan.org/~jettero/Net-IdentServer-0.56/IdentServer.pm

With a nice example there that implements and IdentD server that returns
a random word from the dictionary each time. Perhaps in order to be
consistent, could modify that so instead of looking up the dictionary,
it returns an md5 of the user in question. So in the example of
"RandomIdentServer", change:

        if( $type eq "UNIX" ) {
            # intercept these valid responses and randomize them

            $info = $this->choice;
        }

to something like:

        if( $type eq "UNIX" ) {
            # intercept these valid responses and md5 them
*	    use Digest::MD5 qw(md5_base64);
            $info = md5_base64($info);*
        }


(I'd put the *use *statement in the new() function, but you get the idea).

  James




On 19/10/2010 10:12, Tim wrote:
> I'm searching for an identd server that hides the true identity of the
> user (so it's not giving out login names).
> Basically it needs to return a string that can be reversed on the
> server. pidentd was supposed to do this (with DES) encryption but the
> string is too long and gets truncated (by the clients requesting the
> ident) and the idecrypt application totally failed to work.
> I was playing with oidentd but could never actually get it to work for
> me. I got it returning the root user as UNKNOWN, but couldn't get it
> to return ether random, random_numeric, or numeric (uid) for my users.
> It always returned the users login name.
> I'm about to give ident2 a try, hopefully it's random replies will
> work, AND it'll log them so I can look back through logs to work out
> who was who. Ideally though, I want it to return the SAME random reply
> for each user. So essentially a mapping.
> e.g.
> user -> reply
> bob -> bravo457
> carol -> frizby334
> etc etc
>
> Anyone attempted this before and can point me in the right direction?
> It seems that identd documentation is sparse for the different daemons
> people have written, and while they sound like they do what I want,
> I've not been able to get them to do what I want!
>
> Thanks
>
> Tim
>


-- 
*James Bromberger*
Aus Mobile: +61 422 166 708
Email: james /_AT_/ rcpt.to, Web: www.james.rcpt.to
<http://www.james.rcpt.to/>
MSN: james/_AT_/rcpt.to, AIM: JamesEBromberger, Skype: james.bromberger
(/_AT_/ -> @)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20101019/8b025079/attachment.html>

More information about the plug mailing list