diff options
| author | Emanuel Haupt <ehaupt@FreeBSD.org> | 2005-12-16 20:15:06 +0000 |
|---|---|---|
| committer | Emanuel Haupt <ehaupt@FreeBSD.org> | 2005-12-16 20:15:06 +0000 |
| commit | 62ebcfd1d410b1431e01446f997cc35fa24ef989 (patch) | |
| tree | fbd85af7dac49a56f0893de9f515ee3380125b77 /security/fiked | |
| parent | c76db5e25ced99532b50d4fee4a3a614c0105ad6 (diff) | |
| download | ports-62ebcfd1d410b1431e01446f997cc35fa24ef989.tar.gz ports-62ebcfd1d410b1431e01446f997cc35fa24ef989.zip | |
Add, security/fiked, a fake IKE PSK+XAUTH daemon based on VPNC.
This is a fake IKE daemon supporting just enough of the standards and Cisco
extensions to attack commonly found insecure Cisco PSK+XAUTH VPN setups.
If you know the pre-shared key, also known as shared secret or group password,
you can impersonate the VPN gateway in IKE phase 1, and learn XAUTH user
credentials in phase 2.
PR: 90372
Submitted by: Daniel Roethlisberger <daniel@roe.ch>
Notes
Notes:
svn path=/head/; revision=151343
Diffstat (limited to 'security/fiked')
| -rw-r--r-- | security/fiked/Makefile | 49 | ||||
| -rw-r--r-- | security/fiked/distinfo | 3 | ||||
| -rw-r--r-- | security/fiked/pkg-descr | 9 |
3 files changed, 61 insertions, 0 deletions
diff --git a/security/fiked/Makefile b/security/fiked/Makefile new file mode 100644 index 000000000000..9f42acc62154 --- /dev/null +++ b/security/fiked/Makefile @@ -0,0 +1,49 @@ +# New ports collection makefile for: fiked +# Date created: 2005-12-07 +# Whom: Daniel Roethlisberger <daniel@roe.ch> +# +# $FreeBSD$ +# + +PORTNAME= fiked +PORTVERSION= 0.0.2 +CATEGORIES= security +MASTER_SITES= http://dragon.roe.ch/bitsnpieces/fiked/ \ + http://home.tiscalinet.ch/roe/fiked/ + +MAINTAINER= daniel@roe.ch +COMMENT= A fake IKE PSK+XAUTH daemon based on VPNC + +LIB_DEPENDS= gcrypt.13:${PORTSDIR}/security/libgcrypt +BUILD_DEPENDS= libnet*>=1.1.2,1:${PORTSDIR}/net/libnet + +USE_BZIP2= yes +USE_GMAKE= yes +USE_REINPLACE= yes + +MAKEFILE= GNUmakefile + +MAKE_ENV+= CC="${CC}" + +PLIST_FILES= bin/fiked +MAN1= fiked.1 +PORTDOCS= README + +.include <bsd.port.pre.mk> + +.if ${OSVERSION} < 500000 +BROKEN= "Does not compile on FreeBSD 4.x" +.endif + +post-patch: + @${REINPLACE_CMD} -e 's|^\(CC\)=|\1?=|; s|=-g|=|' ${WRKSRC}/${MAKEFILE} + +do-install: + ${INSTALL_PROGRAM} ${WRKSRC}/fiked ${PREFIX}/bin + ${INSTALL_MAN} ${WRKSRC}/fiked.1 ${PREFIX}/man/man1/ +.if !defined(NOPORTDOCS) + ${MKDIR} ${DOCSDIR} + ${INSTALL_DATA} ${WRKSRC}/${PORTDOCS} ${DOCSDIR} +.endif + +.include <bsd.port.post.mk> diff --git a/security/fiked/distinfo b/security/fiked/distinfo new file mode 100644 index 000000000000..8470b68d0003 --- /dev/null +++ b/security/fiked/distinfo @@ -0,0 +1,3 @@ +MD5 (fiked-0.0.2.tar.bz2) = d686f04ddd6da2826e8d2b1a3a7e4177 +SHA256 (fiked-0.0.2.tar.bz2) = ba76c76b0f790434873a7d70f27b796335eaea139d4eac08c1fac01c6c5efe92 +SIZE (fiked-0.0.2.tar.bz2) = 107751 diff --git a/security/fiked/pkg-descr b/security/fiked/pkg-descr new file mode 100644 index 000000000000..dfc08d816f99 --- /dev/null +++ b/security/fiked/pkg-descr @@ -0,0 +1,9 @@ +This is a fake IKE daemon supporting just enough of the standards and Cisco +extensions to attack commonly found insecure Cisco PSK+XAUTH VPN setups. + +If you know the pre-shared key, also known as shared secret or group password, +you can impersonate the VPN gateway in IKE phase 1, and learn XAUTH user +credentials in phase 2. + +Author: Daniel Roethlisberger <daniel@roe.ch> +WWW: http://www.roe.ch/FakeIKEd |