obfuscate
Anonymizing of domain names, names, directory numbers, crypto keys, IP addresses, and MAC addresses.
Format
- [--config-file x] [--dir-level x] [--domain-name-level x]
- [--ipv4-level x] [--ipv6-level x] [--mac-level x]
- [--key-level x] [--name-level x] [--scrub x]
Function
The translation of names, numbers, IP addresses, and MAC addresses are stored in a configuration file. This file is used as input to get the same translation of anonymized data when anonymizing traces from different program units. The Hex data in the signal trace is not obfuscated. The traces must be printed with parameter -show c, which will not include the hex data in the trace file.
Directory numbers |
Finding number stored as (std::string number). Numbers shorter than 3 digits are not obfuscated. Directory numbers will be replaced by the string Obfuscate-<n>-Dir-<l>, where n is a sequence number, and l is the original number length. |
Domain names |
The domain names in SIP messages are obfuscated and used in other trace parts. The name is replaced by Obfuscate-<n>-Domain, where n is a sequence number. |
IPV4 addresses |
The IP V4 address is obfuscated in the format starting with 300.300.300.300 and incremented for every new IP address found. Depending on the level of obfuscation, octets 3 and 4 can contain the original data. |
IP V6 addresses |
The IPv6 address is obfuscated in the uncompressed format starting with 0:0:0:0:0:0:0, and the following IPv6 address found will obfuscated as 1:1:1:1:1:1:1. |
Crypto Keys |
The found crypto key is obfuscated with Obfuscate-<n>-Key, where n is a sequence number. |
MAC addresses |
The found MAC address is obfuscated with Obfuscate-<n>-Mac, where n is a sequence number. |
Names |
The name found will be obfuscated with Obfuscate-<n>-Name, where n is a sequence number. |
Parameters
- --config-file
Input/output file where the translation data is stored in a CSV format.
If new data is found, the file will be updated with the new data.
If the parameter is not entered, the default file name is used.
/tmp/obfuscate-data.conf
- --dir-levelLevel of obfuscation of directory numbers. Default value is 1.
0
Not obfuscated
1
Directory numbers are obfuscated
- --domain-name-levelLevel of obfuscation on the domain name. Default value is 1.
0
Not obfuscated
1
Domain names are obfuscated
- --ipv4-levelLevel of obfuscating of IPv4 addresses, default 2. Octets are obfuscated with a value starting at 300 and incremented for every new IP address, first found IP will be obfuscated to 300.300.300.300.
0
Not obfuscated
1
2 octets are obfuscated, xxx.xxx.123.123
2
3 octets are obfuscated, xxx.xxx.xxx.123
3
All octets are obfuscated, xxx.xxx.xxx.xxx
- --ipv6-levelLevel of obfuscation of IPv6 address. Default value is 1.
0
Not obfuscated
1
IP V6 addresses are obfuscated
- --key-levelLevel of obfuscation of crypto keys. Default value is 1.
0
Not obfuscated
1
Crypto keys are obfuscated
- --mac-levelLevel of obfuscation of MAC address. Default value is 1.
0
Not obfuscated
1
MAC addresses is obfuscated
- --name-levelLevel of obfuscation of name. Default value is 1.
0
Not obfuscated
1
IP V6 addresses are obfuscated
- --scrub
Free text that will obfuscated, will be replaced with Obfuscate-<n>-Scrub where n is a sequence number. The parameter can be entered multiple time. The entered text will be stored in the configuration file.
Examples
- Filter directly from trace individual 1 to file obfuscated-trace.txt.
trace -print 1 -show c | obfuscate > obfuscated-trace.txt
- Filter trace sorted in file RMP-trace.txt to a new file obfuscated-RMP-trace.txt.
cat RMP-trace.txt | obfuscate > obfuscated-RMP-trace.txt
- Filter trace sorted in file RMP_trace.txt and select a configuration file to be used.
cat RMP-trace.txt | obfuscate --config-file my-configuration.conf > obfuscated-RMP-trace.txt
- Filter trace sorted in file SIPLP_trace.txt and add to obfuscate the text Secret.
cat SIPLP-trace.txt | obfuscate --scrub Secret > obfuscated-SIPLP-trace.txt