CLI tool for obfuscating IP addresses
Python
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
.gitignore
LICENSE
README.md
hideip.py
main.py
pgp-wordlist.json
test.py
wordlist.py

README.md

hideip

Command line tool to obfuscate IP addresses in log files, securely. The IP addresses are hashed and recombined to new IP addresses, so that they are still distinguishable but can't be associated with a user's real IP. If the secret salt is long enough (e.g. larger than 64 bytes), the obfuscation should be cryptographically secure meaning it is very hard to reconstruct the original IP addresses.

Features:

  • replace all IPs with 0.0.0.0
  • hash IPs, keeping them distinguishable
  • use a secret salt with hash to hinder reconstruction of the original IPs (use /dev/null if you want unsalted hashes)
  • optional: re-read the secret if it changed (useful for long-running log pipes where the salt is rotated regularly)
  • optional: use PGP words instead of octet notation

Prerequisites:

  • python3
  • cryptography module (pip3 install --user cryptography)

Usage

$ python main -h
usage: main.py [-h] [-i INFILE] [-s] [-o OUTFILE] [-w] [-t TIME]

This module can be used to obfuscate or simply hide ip addresses, e.g. in
server access log files. With a regularly rotated secret, the IPs remain
readable, you can monitor and backtrace the requests of a single IP (for
security auditing, ...) but the actual user IP remains hidden.

optional arguments:
  -h, --help            show this help message and exit
  -i INFILE, --infile INFILE
                        input, read line by line, default: stdin
  -s, --secret          generate pseudonyms (default: set IP to 0.0.0.0)
  -o OUTFILE, --outfile OUTFILE
                        output, appended to, default: stdout
  -w, --words           replace bytes by words, default: False
  -t TIME, --time TIME  validity period of salt <amount>(s|m|d), default: 60m

Test

$ python -m doctest hideip.py

License

Licensed under GNU GPLv3, see LICENSE.

Credits

The PGP wordlist is taken from andreineculau (license: Unlicense)