From owner-freebsd-ports-bugs@FreeBSD.ORG Tue Dec 13 23:40:14 2005 Return-Path: X-Original-To: freebsd-ports-bugs@hub.freebsd.org Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3AB5416A428 for ; Tue, 13 Dec 2005 23:40:14 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 19B0C43D5C for ; Tue, 13 Dec 2005 23:40:13 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id jBDNe79G016478 for ; Tue, 13 Dec 2005 23:40:07 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id jBDNe7kL016477; Tue, 13 Dec 2005 23:40:07 GMT (envelope-from gnats) Resent-Date: Tue, 13 Dec 2005 23:40:07 GMT Resent-Message-Id: <200512132340.jBDNe7kL016477@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Daniel Roethlisberger Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8597816A420 for ; Tue, 13 Dec 2005 23:29:46 +0000 (GMT) (envelope-from roe@dragon.roe.ch) Received: from dragon.roe.ch (dragon.roe.ch [212.53.102.185]) by mx1.FreeBSD.org (Postfix) with ESMTP id E369C43D5D for ; Tue, 13 Dec 2005 23:29:44 +0000 (GMT) (envelope-from roe@dragon.roe.ch) Received: from marvin.roe ([192.168.1.6]) by dragon.roe.ch (envelope-from ) with ESMTP (TLSv1:AES256-SHA:256) id 1EmJaY-0006jo-00 for FreeBSD-gnats-submit@freebsd.org; Wed, 14 Dec 2005 00:29:42 +0100 Received: from marvin.roe (localhost [127.0.0.1]) by marvin.roe (8.13.3/8.13.1) with ESMTP id jBDNTb5j033254; Wed, 14 Dec 2005 00:29:37 +0100 (CET) (envelope-from roe@localhost.roe) Received: (from roe@localhost) by marvin.roe (8.13.3/8.13.1/Submit) id jBDNTbBP033253; Wed, 14 Dec 2005 00:29:37 +0100 (CET) (envelope-from roe) Message-Id: <200512132329.jBDNTbBP033253@marvin.roe> Date: Wed, 14 Dec 2005 00:29:37 +0100 (CET) From: Daniel Roethlisberger To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: daniel@roe.ch Subject: ports/90372: New port: security/fiked - a fake IKE PSK+XAUTH daemon X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Daniel Roethlisberger List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Dec 2005 23:40:14 -0000 >Number: 90372 >Category: ports >Synopsis: New port: security/fiked - a fake IKE PSK+XAUTH daemon >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Tue Dec 13 23:40:07 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Daniel Roethlisberger >Release: FreeBSD 5.4-RELEASE-p6 i386 >Organization: >Environment: System: FreeBSD marvin.roe 5.4-RELEASE-p6 FreeBSD 5.4-RELEASE-p6 #5: Mon Nov 7 13:20:09 CET 2005 root@marvin.roe:/usr/obj/usr/src/sys/IBMTPX40 i386 >Description: This is a fake IKE daemon supporting just enough of the standards and Cisco extensions to attack commonly found insecure Cisco PSK+XAUTH VPN setups. Basically, if you know the pre-shared key, also known as shared secret or group password, you can impersonate the VPN gateway in IKE phase 1, and learn XAUTH user credentials in phase 2. >How-To-Repeat: >Fix: --- fiked-0.0.2.shar begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # fiked # fiked/Makefile # fiked/pkg-descr # fiked/distinfo # echo c - fiked mkdir -p fiked > /dev/null 2>&1 echo x - fiked/Makefile sed 's/^X//' >fiked/Makefile << 'END-of-fiked/Makefile' X# New ports collection makefile for: fiked X# Date created: 2005-12-07 X# Whom: Daniel Roethlisberger X# X# $FreeBSD$ X# X XPORTNAME= fiked XPORTVERSION= 0.0.2 XCATEGORIES= security XMASTER_SITES= http://dragon.roe.ch/bitsnpieces/fiked/ X XMAINTAINER= daniel@roe.ch XCOMMENT= A fake IKE PSK+XAUTH daemon based on vpnc X XLIB_DEPENDS= gcrypt.13:${PORTSDIR}/security/libgcrypt XBUILD_DEPENDS= libnet*>=1.1.2,1:${PORTSDIR}/net/libnet X XUSE_BZIP2= yes XUSE_GMAKE= yes X XPLIST_FILES= bin/fiked XMAN1= fiked.1 XPORTDOCS= README X Xpost-patch: X ${LN} -s GNUmakefile ${WRKSRC}/Makefile X Xdo-install: X ${INSTALL_PROGRAM} ${WRKSRC}/fiked ${PREFIX}/bin X ${INSTALL_MAN} ${WRKSRC}/fiked.1 ${PREFIX}/man/man1/ X.if !defined(NOPORTDOCS) X ${MKDIR} ${DOCSDIR} X cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${DOCSDIR} X.endif X X.include END-of-fiked/Makefile echo x - fiked/pkg-descr sed 's/^X//' >fiked/pkg-descr << 'END-of-fiked/pkg-descr' XThis is a fake IKE daemon supporting just enough of the standards and XCisco extensions to attack commonly found insecure Cisco PSK+XAUTH VPN Xsetups. X XBasically, if you know the pre-shared key, also known as shared secret Xor group password, you can impersonate the VPN gateway in IKE phase 1, Xand learn XAUTH user credentials in phase 2. X XAuthor: Daniel Roethlisberger XWWW: http://www.roe.ch/FakeIKEd END-of-fiked/pkg-descr echo x - fiked/distinfo sed 's/^X//' >fiked/distinfo << 'END-of-fiked/distinfo' XMD5 (fiked-0.0.2.tar.bz2) = d686f04ddd6da2826e8d2b1a3a7e4177 XSHA256 (fiked-0.0.2.tar.bz2) = ba76c76b0f790434873a7d70f27b796335eaea139d4eac08c1fac01c6c5efe92 XSIZE (fiked-0.0.2.tar.bz2) = 107751 END-of-fiked/distinfo exit --- fiked-0.0.2.shar ends here --- >Release-Note: >Audit-Trail: >Unformatted: