spoofident: A fake identd written in Python Jun 21, 2014

The workhorse function of spoofident

Many protocols such as IRC require or strongly suggest the use of an ident daemon to prove that you are who you say you are, or to hold you accountable for your actions. An identd is supposed to respond to queries as to which user is using which port; however, this information is potentially dangerous. A real identd allows attackers to gain information about your system: usernames, active ports, even a fingerprint of your active operating system. The RFC linked above even cites these vulnerabilities.

I had a need to run an ident server; however, I am wary of creating unnecessary security holes in my server. That’s why I wrote spoofident. spoofident is a daemon written in Python which provides a custom username/OS response to all incoming ident queries. It is dual-stack (meaning that it runs on both IPv4 and IPv6) and written to consume few resources, fewer than oidentd. I suggest using it if you are in a situation where you need to provide ident but refuse to compromise the security of your systems for that functionality.

GitHub repo for spoofident

README for spoofident
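
The idea of a fixed-response ident daemon, sketched as an added example (this is not spoofident's own code). It follows the RFC 1413 query/reply format; the names FAKE_USER, FAKE_OS, MAX_QUERY, build_reply and the unprivileged port 1113 are assumptions made for illustration (real ident listens on 113).

```python
import asyncio
import re

# Constructed defaults for illustration; a deployment picks its own values.
FAKE_USER = "nobody"
FAKE_OS = "UNIX"
MAX_QUERY = 64  # ident queries are tiny; refuse to buffer more than this

# RFC 1413 query: "<port-on-server> , <port-on-client>" terminated by CRLF
QUERY_RE = re.compile(rb"^\s*(\d{1,5})\s*,\s*(\d{1,5})\s*$")


def build_reply(query: bytes, user: str = FAKE_USER, opsys: str = FAKE_OS) -> bytes:
    """Return the same ident reply for any valid port pair."""
    m = QUERY_RE.match(query[:MAX_QUERY])
    if not m:
        # Assumption: unparseable input gets a generic error with a 0,0 pair.
        return b"0 , 0 : ERROR : INVALID-PORT\r\n"
    sport, cport = int(m.group(1)), int(m.group(2))
    if not (1 <= sport <= 65535 and 1 <= cport <= 65535):
        return f"{sport} , {cport} : ERROR : INVALID-PORT\r\n".encode()
    # No socket-table lookup happens here, so real usernames, open ports and
    # the real OS string never leave the machine.
    return f"{sport} , {cport} : USERID : {opsys} : {user}\r\n".encode()


async def handle(reader, writer):
    try:
        # One query per connection, with a timeout so idle peers cannot pile up.
        line = await asyncio.wait_for(reader.readline(), timeout=10)
        writer.write(build_reply(line))
        await writer.drain()
    except (asyncio.TimeoutError, ConnectionError, ValueError):
        pass  # ValueError: the line exceeded the stream limit
    finally:
        writer.close()


async def main(port: int = 1113):
    # host=None binds every available interface, IPv4 and IPv6 alike.
    server = await asyncio.start_server(handle, host=None, port=port, limit=MAX_QUERY)
    async with server:
        await server.serve_forever()


if __name__ == "__main__":
    asyncio.run(main())
```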

Defeating Comcast BitTorrent Throttling: The Easy Way Jun 20, 2014

Example settings in Transmission

If you torrent a lot, eventually Comcast/xfinity will throttle your torrent speeds to 20kbps or below. Luckily, there is a simple fix which works without installing any external applications. Simply configure the listening port in your BitTorrent client to be 443, and ensure that the port is open on your router. This works because Comcast’s deep-packet inspection ignores packets on common Internet ports to save processing power, and 443 is the HTTPS port. This fix will not disrupt your HTTPS traffic. This also works on port 80 (HTTP) and port 53 (DNS).

RamNode: One week impressions Jun 15, 2014

I switched my VPS from Hostigation to RamNode recently. Hostigation was a great value when I signed up in 2011 - $30/year for a 128mb KVM box? I mean, come on! However, as the years have gone by, Hostigation has started to fade out of the low end box scene, which concerned me. So I switched to RamNode, which offered me a few advantages:

  • Better geographical location (Atlanta vs. Rock Hill)
  • Better value (twice the resources for 1.25x the price)
  • Better support (IRC presence along with a responsive, fully-staffed support desk)

Today marks one week since I initially signed up with RamNode. Uptime has been 100%, and benchmarks are very positive:

Disk performance:

zach@overflod:~$ dd if=/dev/zero of=test bs=64k count=16k conv=fdatasync; unlink test
16384+0 records in
16384+0 records out
1073741824 bytes (1.1 GB) copied, 2.54237 s, 422 MB/s

I have only encountered one small issue, and that is because I originally signed up for the 128mb OpenVZ package at $14.88/yr. Processes would randomly die and get moved into/out of swap, even though there was plentiful RAM free. So if you’re going to go RamNode, stay away from their OpenVZ offerings.

There are a few fantastic coupon codes right now. WOWNUM1 will get you 38% off any VPS purchase (recurring), and TWOYEAR will get you 42% off, making RamNode a stable and cheap VPS hosting option.