Ident Spoofing

Today I wrote about Oidentd on Wikipedia. Ident as per RFC 1413 is used for a few different services, in particular IRC. A feature of oidentd that my users find useful is ident spoofing.

Ident is important on IRC as some servers do not allow you to connect unless you have an ident, while others do, you find yourself with a tide (~) prefix before your username. These are sometimes banned. For example:

[email protected]

#This is an example of a real user with a real ident

[email protected]

#This is an example of a possible exploited system

Generally the ident server (such as oidentd) will return the user’s username as the ident when it is requested, however on my servers, I allow some of my users to spoof their ident.

This means they can change their ident to whatever they like, regardless of their username.

To do this, you need to create the $HOME/.oidentd.conf file, with the following content:

global { reply ‘$ident’}

#Note: Where $ident is, replace with the ident you want.

I know some users find this a bit difficult or confusing, so I created a script to do it for them.

It’s works fine using the sh unix shell on FreeBSD.

If you are on my shell servers, you should be able to take advantage of this using the “setident” command.