Download Shareware and Freeware Software for Windows, Linux, Macintosh, PDA

line Home  |  About Us  |  Link To Us  |  FAQ  |  Contact

Serving Software Downloads in 976 Categories, Downloaded 29.540.837 Times

smspasswd 0.1

  Date Added: April 10, 2010  |  Visits: 971

smspasswd

Report Broken Link
Printer Friendly Version


Product Homepage
Download (86 downloads)



smspasswd software provides two factor authentication via cell phone short message service (SMS). The reason I wrote this was because of all the pesky SSH brute force attacks, which continue to build in numbers. I didn’t want to waste money and time on using tokens because the few people who have accounts on my machines also have mobile phones. I’m stoked that I have been using this since v0.1 back in 2005 and so far it’s worked very well with no changes. I’m hoping for feedback to get me motivated to develop this some more. Thanks to my good friend Solomon who has encouraged me to start posting some of my fun projects on the web. Any feedback is more than welcome to ed -at- e-things.org. How does this work? The simple explanation for the average user goes a little like this. You use your normal password followed by a 6 digit number. To get access to a system you need to send an SMS from your pre-registered mobile phone number with a PIN. The systems admin folk will assign you a 4 digit pin and give you the mobile number to send your login request to. So, when you want to login, just send a text (SMS) to the phone number provided, with your 4 digit PIN. Shortly after you will receive a 6 digit number in a text (SMS) to your phone. Then login as normal using you normal password followed by the 6 digit number. You can use this same 6 digit number as many times as you like within a time period set by the systems admin folk. Simple right? Ok then, perhaps not much more complex than a token? Now for the spanner-head explanation. smspasswd is a Perl application that runs as a daemon. It uses a MySQL back-end database which stores the usernames, mobile numbers, PIN’s, passwords, tokens, and the amount of time each users token (temporary x digit code) is valid for. smspasswd uses the information in the MySQl database to update your LDAP server based on a polling frequency you set in it’s config file. You can also set lots of other options in the config file and these are covered in the Features section below. smspasswd talks to a SMS gateway to send and receive new token requests. In my case it’s a cheap pre-paid Nokia 7110 connected to COM1 (/dev/ttys0) via gnokii. The authentication process goes a little like this. The user sends a SMS to your gnokii phone with their PIN. Note the PIN is not really important because it will get saved in the users SMS outbox, so it could just be “request” or “foobar”. What’s important is that the SMS must come from the correct number for that user, and even if this could be spoofed, the reply will still go the users mobile number in the database anyway. Then smspasswd checks the database for the users mobile phone number and if it finds a match it will send a x digit code to the number registered for that user. At this point the password for this user will be updated in the local LDAP server with their normal password, followed by their new x digit code. Once the user has the SMS with the new code they can login. You should setup your systems and applications for LDAP authentication, and if you wish you can configure your FreeRADUIS server to authenticate via OpenLDAP. Or you can use some commercial LDAP or RADIUS system. FreeRADIUS and OpenLDAP work just fine for me. Confused? Drop me an email and I’ll make a nice diagram with Dia. Features Here’s the config file, and check the source. ################################################## # smspasswd config file # ################################################## # minumum password length # minPasswordLength 6 # minimum username length # minUsernameLength 2 # minimum PIN length # minPinLength 4 # database options # dbName smspasswd dbUsername smspasswd dbPassword [enter the database users password here] dbHostname localhost dbPort 3306 dbEncryptionKey [enter a very long and random string here] # gnokii options # gnokii /usr/local/bin/gnokii gnokiiMailBox IN # Check interval. This is the amount of time to # wait between incoming SMS checks in seconds as # well as user timeout checks # checkInterval 15 # LDAP server option # ldapServer localhost ldapBindDn cn=Manager,dc=yourdomain,dc=com ldapPassword [enter your LDAP users password here] ldapBiseDn ou=People,dc=yourdomain,dc=com # Email notification for non pin request SMS messages # This is very useful if you would like to be emailed # the ‘your pre-paid account is about to expire’ messages. # Note: PIN requests will not be emailed. # emailNotify yes emailToAddress root@localhost emailFromAddress root@localhost emailSubject SMS notification from smspasswd. smspasswd is an application I wrote back in December of 2005. There reason I wrote this was because of all the pesky SSH brute force attacks, which continue to

Requirements: No special requirements
Platforms: Linux
Keyword: Cell Phone Config File Digit Digit Number Ldap Message Service Number Password Phone Pin Short Message Short Message Service Sms Two Factor Two Factor Authentication User
Users rating: 0/10

License: Freeware Size: 4.1 KB
USER REVIEWS
More Reviews or Write Review


SMSPASSWD RELATED
Libraries  -  HH::Unispool::Config::File::Token::Unnumbered::Bcs 0.3
HH::Unispool::Config::File::Token::Unnumbered::Bcs is a Perl class for BCS B tokens. SYNOPSIS Application programmers dont need to use this class and API programmers read code. ABSTRACT class for BCS B tokens...
133.12 KB  
Libraries  -  Config::File 1.4
Config::File is a Perl module to parse a simple configuration file. SYNOPSIS use Config::File; my $config_hash = Config::File::read_config_file($configuration_file); read_config_file parses a simple configuration file and stores its values...
4.1 KB  
Libraries  -  Samba::LDAP::Config 0.03
Samba::LDAP::Config is a Perl module to config file related tasks for Samba::LDAP. SYNOPSIS use Samba::LDAP::Config; my $config = Samba::LDAP::Config->new() or die "Cant create objectn"; # Returns where smbldap.conf, smbldap_bind.conf and...
81.92 KB  
Libraries  -  Chroniton::Config 0.03
Chroniton::Config it manages config file for Chroniton. SYNOPSIS my $config = Chroniton::Config->new; METHODS new Creates an instance. Takes no arguments. destination Returns the directory where the backup should be placed....
55.3 KB  
Libraries  -  Config::JSON 1.0.3
Config::JSON is a JSON based config file system. SYNOPSIS use Config::JSON; my $config = Config::JSON->create($pathToFile); my $config = Config::JSON->new($pathToFile); my $element = $config->get($param); $config->set($param,$value);...
5.12 KB  
Libraries  -  Pod::InComments 0.9
Pod::InComments is a Perl extension for extracting POD documentation from comments in config file. SYNOPSIS use Pod::InComments; my $podparser = Pod::InComments->new( comment => ; ); $podparser->ParseFile( $my_config_file );...
5.12 KB  
Wallpaper Tools  -  Domino Blue Milk
Domino Blue Milk is a Domino config file that looks like MacOS Xs Milk with a blue touch. Started from Polyester-Blue color profile, transformed it to a murrina-domino config and then customized to add brightness to buttons, scrollbars and...
 
Education  -  MB Telephone Number Numerology 1.0
MB Telephone Number Numerology Software does a free telephone number numerology analysis and tells you if the telephone number or the mobile number you are using is suitable for you or not. This wonderful numerology software for phone number...
621 KB  
Windows Software  -  Phone number location lookup 2011 11.02
Phone Number Location Lookup 2011 is a free software which helps you to determine the geographical location of any US phone number. You can enter any US phone number and the application will search and find its location. The location is neatly...
7.26 MB  
Programming  -  CGI::Application::Plugin::Config::Perl 1.40
CGI::Application::Plugin::Config::Perl adds easy access to a pure Perl config file to your CGI::Application projects. Lazy loading is used to prevent the config file from being parsed if no configuration variables are accessed during the request,...
10.24 KB  
NEW DOWNLOADS IN LINUX SOFTWARE, SECURITY TOOLS
Linux Software  -  Polling Autodialer Software 3.4
ICTBroadcast Auto Dialer software has a survey campaign for telephone surveys and polls. This auto dialer software automatically dials a list of numbers and asks them a set of questions that they can respond to, by using their telephone keypad....
488 B  
Linux Software  -  Total Video Converter Mac Free 3.5.5
Total Video Converter Mac Free developed by EffectMatrix Ltd is the official legal version of Total Video Converter which was a globally recognized brand since 2006. Total Video Converter Mac Free is a free but powerful all-in-one video...
17.7 MB  
Linux Software  -  Skeith mod_log_sql Analyzer 2.10beta2
Skeith is a php based front end for analyzing logs for Apache using mod_log_sql.
47.5 KB  
Linux Software  -  SLAX 6.0+
Slax is a modern, portable, small and fast Linux operating system with a modular approach and outstanding design. Despite its small size, Slax provides a wide collection of pre-installed software for daily use, including a well organized graphical...
190 KB  
Linux Software  -  GTK+ 2.5
GTK+, which stands for the GIMP Toolkit, is a library for creating graphical user interfaces for the X Window System. It is designed to be small, efficient, and flexible. GTK+ is written in C with a very object-oriented approach. Language bindings...
60 MB  
Security Tools  -  Free AntiSpyware 7.2.5
As powerful and professional anti-spyware software, Free AntiSpyware has ability to detect & stop the latest and most malicious programs that are doing harm to your computer and breaking your privacy. This free spyware remover software helps...
128.08 MB  
Security Tools  -  paraproxy 1.1
paraproxy is a supplement library for paramiko which adds support for SSH2 proxy commands. #md5=0c7041e8d2d7e49b09df526bba3efb28 #md5=1fbb4f888f40a01439ff27458c6210eb #md5=493c0f426e376427c30f3f39ebc8dac1
20.48 KB  
Security Tools  -  pam_smxs 1.6
pam_smxs is a PAM module that authenticates a user using challenge-response. All tokens that support ANSI X9.9 are currently supported and it provides full support for CryptoCard RB1 tokens.
522.24 KB  
Security Tools  -  DoudouLinux 2011-11
DoudouLinux [1] is a system specially designed for children to make computer use as easy and pleasant as possible for them (and for their parents too! [2]). DoudouLinux provides tens of applications that suit children from 2 to 12 years and tries...
964.17 MB  
Security Tools  -  django-auth-ldap 1.0.19
This authentication backend enables a Django project to authenticate against any LDAP server. To use it, add django_auth_ldap.backend.LDAPBackend to AUTHENTICATION_BACKENDS. It is not necessary to add django_auth_ldap to INSTALLED_APPLICATIONS...
30.72 KB