Final changes for v1.4.

git-svn-id: svn+ssh://svn.nta-monitor.com/trunk/opensource/arp-scan@7904 062a1500-4a13-0410-a63b-ee65f32af78f

Author: royhills

Diff for: Makefile.am

@@ -7,7 +7,7 @@ bin_PROGRAMS = arp-scan
 #
 dist_bin_SCRIPTS = get-oui get-iab arp-fingerprint
 #
-dist_check_SCRIPTS = check-arp-scan-run1
+dist_check_SCRIPTS = check-run1
 #
 dist_man_MANS = arp-scan.1 get-oui.1 get-iab.1 arp-fingerprint.1
 #

Diff for: TODO

@@ -3,3 +3,6 @@ $Id$
 Code tidy up: reduce the number of global variables.
 
 Additional ARP fingerprinting options, e.g. arpsha != srcaddr.
+
+Use libnet or another packet creation library to allow arp-scan to run on
+non-linux platforms.

Diff for: arp-fingerprint

@@ -73,6 +73,7 @@ my $arpscan="arp-scan -N -q -r 1";
 # PIX OS	PIX OS on PIX Firewall at 7663
 # WinME		Windows ME on VMware
 # HP-UX 11	HP-UX B.11.00 A 9000/712 (PA-RISC)
+# PIX OS	PIX OS (unknown vsn) on Cisco PIX 525
 #
 my %fp_hash = (
    '11110100000' => 'FreeBSD 5.3, Win98, WinME, NT4, 2000, XP, 2003',
@@ -87,8 +88,8 @@ my %fp_hash = (
    '10110100000' => 'Win 3.11, 95, NT 3.51',
    '11110000011' => '4.3 BSD, OpenBSD 3.1, OpenBSD 3.9',
    '10110110000' => 'NetBSD 2.0.2',
-   '00010110011' => 'Unknown 1', # dwk at 7663 in June 2006, Entrada Networks
-   '01010110011' => 'PIX OS', # dwk at 7663 in June 2006, Cisco
+   '00010110011' => 'PIX OS', # dwk at 7663 in June 2006, Cisco PIX 525
+   '01010110011' => 'PIX OS', # dwk at 7663 in June 2006, Cisco PIX 525
    '00000110000' => 'Netware 6.5',
    );
 #
@@ -144,7 +145,7 @@ if (&fp("","$target") eq "1") {
    $fingerprint .= &fp("--arphrd=255","$target");
 # 8: invalid arp protocol type
    $fingerprint .= &fp("--arppro=0xffff","$target");
-# 9: arp prototocol type = Novell IPX
+# 9: arp protocol type = Novell IPX
    $fingerprint .= &fp("--arppro=0x8137","$target");
 # 10: invalid protocol address length
    $fingerprint .= &fp("--arppln=6","$target");

Diff for: arp-fingerprint.1

@@ -1,6 +1,6 @@
 .\" $Id$
 .TH ARP-FINGERPRINT 1 "June 8, 2006"
-.\" Please adjust this date whenever revising the manpage.
+.\" Please adjust this date whenever revising the man page.
 .SH NAME
 arp-fingerprint \- Fingerprint a system using ARP
 .SH SYNOPSIS
@@ -21,7 +21,7 @@ This fingerprint string is then used to lookup the likely target operating syste
 Many of the fingerprint strings are shared by several operating systems, so
 there is not always a one-to-one mapping between fingerprint strings and
 operating systems. Also the fact that a system's fingerprint matches a certain
-operating system (or list of operating systems) does not necesarily mean that
+operating system (or list of operating systems) does not necessarily mean that
 the system being fingerprinted is that operating system, although it is quite
 likely. This is because the list of operating systems is not exhaustive; it is
 just what I have discovered to date, and there are bound to be operating

Diff for: arp-scan.1

@@ -1,6 +1,6 @@
 .\" $Id$
 .TH ARP-SCAN 1 "June 25, 2006"
-.\" Please adjust this date whenever revising the manpage.
+.\" Please adjust this date whenever revising the man page.
 .SH NAME
 arp-scan \- The ARP scanner
 .SH SYNOPSIS
@@ -486,7 +486,7 @@ List of IEEE IAB (Individual Address Block) to vendor mappings.
 .I /usr/local/share/ether-scan-engine/mac-vendor.txt
 List of other Ethernet MAC to vendor mappings.
 .SH EXAMPLES
-This example shows
+The example below shows
 .B arp-scan
 being used to scan the network
 .I 192.168.0.0/24
@@ -496,7 +496,7 @@ using the network interface
 .nf
 $ arp-scan --interface=eth0 192.168.0.0/24
 Interface: eth0, datalink type: EN10MB (Ethernet)
-Starting arp-scan 1.3 with 256 hosts (http://www.nta-monitor.com/tools/arp-scan/)
+Starting arp-scan 1.4 with 256 hosts (http://www.nta-monitor.com/tools/arp-scan/)
 192.168.0.1     00:c0:9f:09:b8:db       QUANTA COMPUTER, INC.
 192.168.0.3     00:02:b3:bb:66:98       Intel Corporation
 192.168.0.5     00:02:a5:90:c3:e6       Compaq Computer Corporation
@@ -514,6 +514,34 @@ Starting arp-scan 1.3 with 256 hosts (http://www.nta-monitor.com/tools/arp-scan/
 13 packets received by filter, 0 packets dropped by kernel
 Ending arp-scan: 256 hosts scanned in 3.386 seconds (75.61 hosts/sec).  13 responded
 .fi
+.PP
+This next example shows
+.B arp-scan
+being used to scan the local network after configuring the
+network interface with DHCP using
+.IR pump .
+.PP
+.nf
+# pump
+# ifconfig eth0
+eth0      Link encap:Ethernet  HWaddr 00:D0:B7:0B:DD:C7
+          inet addr:10.0.84.178  Bcast:10.0.84.183  Mask:255.255.255.248
+          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
+          RX packets:46335 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:1542776 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:1644 txqueuelen:1000
+          RX bytes:6184146 (5.8 MiB)  TX bytes:348887835 (332.7 MiB)
+# arp-scan --localnet
+Interface: eth0, datalink type: EN10MB (Ethernet)
+Starting arp-scan 1.4 with 8 hosts (http://www.nta-monitor.com/tools/arp-scan/)
+10.0.84.179     00:02:b3:63:c7:57       Intel Corporation
+10.0.84.177     00:d0:41:08:be:e8       AMIGO TECHNOLOGY CO., LTD.
+10.0.84.180     00:02:b3:bd:82:9b       Intel Corporation
+10.0.84.181     00:02:b3:1f:73:da       Intel Corporation
+
+4 packets received by filter, 0 packets dropped by kernel
+Ending arp-scan 1.4: 8 hosts scanned in 0.820 seconds (9.76 hosts/sec).  4 responded
+.fi
 .SH AUTHOR
 Roy Hills <[email protected]>
 .SH "SEE ALSO"

Diff for: arp-scan.c

@@ -2042,7 +2042,7 @@ add_mac_vendor(struct hash_control *table, const char *filename) {
    int result;
    const char *result_str;
 /*
- *	Complile the regex pattern if this is the first time we
+ *	Compile the regex pattern if this is the first time we
  *	have been called.
  */
    if (first_call) {

Diff for: check-arp-scan-run1 renamed to check-run1

@@ -1,14 +1,14 @@
 #!/bin/sh
-# $Id: check-arp-scan-run1 6194 2006-03-09 14:27:39Z rsh $
+# $Id: check-run1 6194 2006-03-09 14:27:39Z rsh $
 #
-# check-arp-scan-run1 -- Shell script to test arp-scan basic functionality
+# check-run1 -- Shell script to test arp-scan basic functionality
 #
 # Author: Roy Hills
 # Date: 9 March 2006
 #
 # This shell script checks that "arp-scan --help" and "arp-scan --version"
-# work.  These options don't use much of the arp-scan functionallity, so if
-# they fail, then there is a fundimental problem with the program.
+# work.  These options don't use much of the arp-scan functionality, so if
+# they fail, then there is a fundamental problem with the program.
 #
 TMPFILE=/tmp/arp-scan-test.$$.tmp
 #

Diff for: configure.ac

@@ -1,7 +1,7 @@
 dnl $Id$
 dnl Process this file with autoconf to produce a configure script.
 
-AC_INIT([arp-scan], [1.3], [[email protected]])
+AC_INIT([arp-scan], [1.4], [[email protected]])
 AC_PREREQ(2.59)
 AC_REVISION($Revision$)
 AC_CONFIG_SRCDIR([arp-scan.c])

Diff for: get-iab

@@ -25,7 +25,7 @@
 # converts it to the format needed by arp-scan.
 #
 # This script assumes that all the IAB entries start with 00-50-C2. This
-# is currently the case, and will probably be so for the forseeable
+# is currently the case, and will probably be so for the foreseeable
 # future.
 #
 use warnings;

Diff for: get-iab.1

@@ -1,6 +1,6 @@
 .\" $Id: get-iab.1 7780 2006-06-20 08:32:01Z rsh $
 .TH GET-IAB 1 "May 30, 2006"
-.\" Please adjust this date whenever revising the manpage.
+.\" Please adjust this date whenever revising the man page.
 .SH NAME
 get-iab \- Fetch the arp-scan IAB file from the IEEE website
 .SH SYNOPSIS

Diff for: get-oui.1

@@ -1,6 +1,6 @@
 .\" $Id$
 .TH GET-OUI 1 "May 30, 2006"
-.\" Please adjust this date whenever revising the manpage.
+.\" Please adjust this date whenever revising the man page.
 .SH NAME
 get-oui \- Fetch the arp-scan OUI file from the IEEE website
 .SH SYNOPSIS

Diff for: utils.c

@@ -411,7 +411,7 @@ print_times(void) {
  * 01-23-45-67-89-ab
  * 01:23:45:67:89:ab
  *
- * The hax characters [a-z] may be specified in either upper or lower case.
+ * The hex characters [a-z] may be specified in either upper or lower case.
  */
 int
 get_ether_addr(const char *address_string, unsigned char *ether_addr) {