[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

macwatch 0.5



a new version of macwatch is included in Gianni's latest snapshot of Thu
08 Apr 2003
(http://www.scaramanga.co.uk/firestorm/firestorm-snapshot.tar.gz)

TODOs that have become HAVEDONEs:
o verify ethernet address against arp hardware address
o check arp decoder layer flags to make sure addresses are available
o Gratuitous arp detection (sender/target protocol addresses match)
o Unicast request detection (toggleable to disable as routers often use
this as cache verification)
o Toggleable new address reporting
o Code tidy up

To toggle features use the following line in your firestorm.conf

preprocessor macwatch   check_gratuitous=no check_unirequest=no alertnew=no

a patch is due in a bit with some little fixes and stuff, but no show stoppers.
I'll get some docs written too :)

John.

-- 
GPG: B89C D450 5B2C 74D8 58FB A360 9B06 B5C2 26F0 3047
WEB: http://www.johnleach.co.uk

Attachment: signature.asc
Description: This is a digitally signed message part