Date: Wed, 14 Dec 2005 00:29:37 +0100 (CET) From: Daniel Roethlisberger <daniel@roe.ch> To: FreeBSD-gnats-submit@FreeBSD.org Cc: daniel@roe.ch Subject: ports/90372: New port: security/fiked - a fake IKE PSK+XAUTH daemon Message-ID: <200512132329.jBDNTbBP033253@marvin.roe> Resent-Message-ID: <200512132340.jBDNe7kL016477@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 90372 >Category: ports >Synopsis: New port: security/fiked - a fake IKE PSK+XAUTH daemon >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Tue Dec 13 23:40:07 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Daniel Roethlisberger >Release: FreeBSD 5.4-RELEASE-p6 i386 >Organization: >Environment: System: FreeBSD marvin.roe 5.4-RELEASE-p6 FreeBSD 5.4-RELEASE-p6 #5: Mon Nov 7 13:20:09 CET 2005 root@marvin.roe:/usr/obj/usr/src/sys/IBMTPX40 i386 >Description: This is a fake IKE daemon supporting just enough of the standards and Cisco extensions to attack commonly found insecure Cisco PSK+XAUTH VPN setups. Basically, if you know the pre-shared key, also known as shared secret or group password, you can impersonate the VPN gateway in IKE phase 1, and learn XAUTH user credentials in phase 2. >How-To-Repeat: >Fix: --- fiked-0.0.2.shar begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # fiked # fiked/Makefile # fiked/pkg-descr # fiked/distinfo # echo c - fiked mkdir -p fiked > /dev/null 2>&1 echo x - fiked/Makefile sed 's/^X//' >fiked/Makefile << 'END-of-fiked/Makefile' X# New ports collection makefile for: fiked X# Date created: 2005-12-07 X# Whom: Daniel Roethlisberger <daniel@roe.ch> X# X# $FreeBSD$ X# X XPORTNAME= fiked XPORTVERSION= 0.0.2 XCATEGORIES= security XMASTER_SITES= http://dragon.roe.ch/bitsnpieces/fiked/ X XMAINTAINER= daniel@roe.ch XCOMMENT= A fake IKE PSK+XAUTH daemon based on vpnc X XLIB_DEPENDS= gcrypt.13:${PORTSDIR}/security/libgcrypt XBUILD_DEPENDS= libnet*>=1.1.2,1:${PORTSDIR}/net/libnet X XUSE_BZIP2= yes XUSE_GMAKE= yes X XPLIST_FILES= bin/fiked XMAN1= fiked.1 XPORTDOCS= README X Xpost-patch: X ${LN} -s GNUmakefile ${WRKSRC}/Makefile X Xdo-install: X ${INSTALL_PROGRAM} ${WRKSRC}/fiked ${PREFIX}/bin X ${INSTALL_MAN} ${WRKSRC}/fiked.1 ${PREFIX}/man/man1/ X.if !defined(NOPORTDOCS) X ${MKDIR} ${DOCSDIR} X cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${DOCSDIR} X.endif X X.include <bsd.port.mk> END-of-fiked/Makefile echo x - fiked/pkg-descr sed 's/^X//' >fiked/pkg-descr << 'END-of-fiked/pkg-descr' XThis is a fake IKE daemon supporting just enough of the standards and XCisco extensions to attack commonly found insecure Cisco PSK+XAUTH VPN Xsetups. X XBasically, if you know the pre-shared key, also known as shared secret Xor group password, you can impersonate the VPN gateway in IKE phase 1, Xand learn XAUTH user credentials in phase 2. X XAuthor: Daniel Roethlisberger <daniel@roe.ch> XWWW: http://www.roe.ch/FakeIKEd END-of-fiked/pkg-descr echo x - fiked/distinfo sed 's/^X//' >fiked/distinfo << 'END-of-fiked/distinfo' XMD5 (fiked-0.0.2.tar.bz2) = d686f04ddd6da2826e8d2b1a3a7e4177 XSHA256 (fiked-0.0.2.tar.bz2) = ba76c76b0f790434873a7d70f27b796335eaea139d4eac08c1fac01c6c5efe92 XSIZE (fiked-0.0.2.tar.bz2) = 107751 END-of-fiked/distinfo exit --- fiked-0.0.2.shar ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200512132329.jBDNTbBP033253>