version 1.7 release.

git-svn-id: svn+ssh://svn.nta-monitor.com/trunk/opensource/arp-scan@13738 062a1500-4a13-0410-a63b-ee65f32af78f

ChangeLog

@@ -1,5 +1,12 @@
 $Id$
 
+2008-07-24 Roy Hills <Roy.Hills@nta-monitor.com>
+
+	* ieee-oui.txt, ieee-iab.txt: Updated IEEE OUI and IAB listings from
+	  IEEE website using get-oui and get-iab Perl scripts.
+
+	* configure.ac: Incremented version to 1.7.
+
 2008-07-11 Roy Hills <Roy.Hills@nta-monitor.com>
 
 	* arp-scan.a: Removed reference to RMIF environment variable.

NEWS

@@ -3,7 +3,7 @@ $Id$
 This file gives a brief overview of the major changes between each arp-scan
 release.  For more details please read the ChangeLog file.
 
-2008-07-17 arp-scan 1.7:
+2008-07-24 arp-scan 1.7:
 
 * new --pcapsavefile (-W) option to save the ARP response packets to a pcap
   savefile for later analysis with tcpdump, wireshark or another program that
@@ -22,6 +22,9 @@ release.  For more details please read the ChangeLog file.
 * New arp-fingerprint patterns for ARP fingerprinting: Cisco 79xx IP Phone
   SIP 5.x, 6.x and 7.x; Cisco 79xx IP Phone SIP 8.x.
 
+* Updated IEEE OUI and IAB MAC/Vendor files.  There are now 11,697 OUI entries
+  and 2,386 IAB entries.
+
 2007-04-12 arp-scan 1.6:
 
 * arp-scan wiki at http://www.nta-monitor.com/wiki/

README

@@ -28,24 +28,26 @@ installation process.  See the file INSTALL for more details.
 
 arp-scan is known to compile and run on the following platforms:
 
- 1. Linux (tested on Debian Sarge)
- 2. FreeBSD (tested on FreeBSD 6.1)
+ 1. Linux (tested on Debian Sarge, Debian Etch and Fedora 9)
+ 2. FreeBSD (tested on FreeBSD 6.1 and FreeBSD 7.0)
  3. OpenBSD (tested on OpenBSD 3.9)
  4. NetBSD (tested on NetBSD 3.0.1)
  5. MacOS X (Darwin) (tested on MacOS 10.3.9)
+ 6. Solaris (tested on Solaris 9/SPARC and Solaris 10/x86)
 
 The ARP packets are sent using raw datalink access.  The mechanism for this
-varies between platforms, currently Packet Socket (Linux) and BPF (BSD) are
-supported.  It is planned to add support for Win32 and DLPI (Solaris) in
+varies between platforms, currently Packet Socket (Linux), BPF (BSD) and
+DLPI (Solaris) are supported.  It is planned to add support for Win32 in
 future releases.
 
 All platforms use libpcap (http://www.tcpdump.org/) to receive the ARP
 responses.
 
-I decided to implement the sending functions directly rather than using libnet
-or libdnet because these libraries are not normally installed by default, and
-I want to minimise the need to install additional packages.  By contrast,
-libpcap is a standard package on most systems.
+It was decided to implement the sending functions directly rather than using
+libnet or libdnet because these libraries are not normally installed by
+default, and it was considered desirable to minimise the need to install
+additional packages.  By contrast, libpcap is a standard package on most
+modern systems.
 
 
 Documentation
@@ -79,70 +81,8 @@ but it links and runs OK.
 This appears to be due to MacOS 10.3 having libpcap 0.8 libraries, but only
 0.7 headers.
 
-3.  OpenBSD 3.9 gives warning about use of strcat()
-arp-scan.c:137: warning: strcat() is almost always misused, please use strlcat()
-The offending line reads:
-
-strncat(arg_str, " ", 1);
-
-This is using strncat, not strcat, and I think it is safe.
-
-4.  The Perl scripts arp-fingerprint, get-oui and get-iab assume that Perl is
+3.  The Perl scripts arp-fingerprint, get-oui and get-iab assume that Perl is
 installed as /usr/bin/perl.  This fails for NetBSD 3.0.1, where it is installed
 in /usr/pkg/bin/perl instead.
 
 A workaround is to make /usr/bin/perl a symlink to /usr/pkg/bin/perl.
-
-
-ARP Packet Format
------------------
-
-This belongs in the man page, and will probably be moved there in a future
-release.
-
-The ARP packet format is defined in RFC 826 "An Ethernet Address Resolution
-Protocol".  The diagram below shows the entire ARP packet, including the
-Ethernet frame header.
-
-In this diagram, each dash (-) represents one bit, with plus (+) marks every
-eight bits. The names for the ARP packet fields like "ar$hrd" are taken
-from RFC 826.
-
-Ethernet Frame Header:
-
-+--------+--------+--------+--------+--------+--------+
-| Dest Address                                        |
-+--------+--------+--------+--------+--------+--------+
-| Source Address                                      |
-+--------+--------+--------+--------+--------+--------+
-| Protocol Type   |
-+--------+--------+
-
-ARP Packet data:
-
-+--------+--------+
-| ar$hrd          |
-+--------+--------+
-| ar$pro          |
-+--------+--------+
-|ar$hln  |
-+--------+
-|ar$pln  |
-+--------+--------+
-| ar$op           |
-+--------+--------+--------+--------+--------+--------+
-| ar$sha                                              |
-+--------+--------+--------+--------+--------+--------+
-| ar$spa                            |
-+--------+--------+--------+--------+--------+--------+
-| ar$tha                                              |
-+--------+--------+--------+--------+--------+--------+
-| ar$tpa                            |
-+--------+--------+--------+--------+
-
-Optional Padding:
-
-+--------+--------+...
-| Padding          ...
-+--------+--------+...
-

TODO

@@ -39,5 +39,3 @@ Investigate response packets >60 bytes long, e.g:
 10:27:40.802358 00:06:d7:55:0f:40 > 00:c0:9f:09:b8:db, ethertype ARP (0x0806), length 64: arp reply maple.nta-monitor.com is-at 00:06:d7:55:0f:40
 
 Review verbose levels, and what gets displayed.
-
-Add details of --llc and --vlan options to man page.

configure.ac

@@ -1,7 +1,7 @@
 dnl $Id$
 dnl Process this file with autoconf to produce a configure script.
 
-AC_INIT([arp-scan], [1.6.4], [arp-scan@nta-monitor.com])
+AC_INIT([arp-scan], [1.7], [arp-scan@nta-monitor.com])
 AC_PREREQ(2.59)
 AC_REVISION($Revision$)
 AC_CONFIG_SRCDIR([arp-scan.c])

ieee-iab.txt

@@ -12,7 +12,7 @@
 #
 # Blank lines and lines beginning with "#" are ignored.
 #
-# This file was automatically generated by get-iab at 2008-05-04 19:07:02
+# This file was automatically generated by get-iab at 2008-07-24 19:46:03
 # using data from http://standards.ieee.org/regauth/oui/iab.txt
 #
 # Do not edit this file.  If you want to add additional MAC-Vendor mappings,
@@ -178,7 +178,7 @@
 0050C209F	MetaWave Vedeo Systems
 0050C20A0	CYNAPS
 0050C20A1	Visable Genetics, Inc.
-0050C20A2	Jager Messtechnik GmbH
+0050C20A2	J�ger Computergesteuerte Messtechnik GmbH
 0050C20A3	BaSyTec GmbH
 0050C20A4	Bounty Systems Pty Ltd.
 0050C20A5	Mobiltex Data Ltd.
@@ -1199,7 +1199,7 @@
 0050C249C	Envisacor Technologies Inc.
 0050C249D	Critical Link
 0050C249E	Armorlink CO .Ltd
-0050C249F	PRIVATE
+0050C249F	GCS, Inc
 0050C24A0	Advanced technologies & Engineering (pty) Ltd
 0050C24A1	Pigeon Point Systems
 0050C24A2	SPECS GmbH
@@ -1467,7 +1467,7 @@
 0050C25A8	ETAP NV
 0050C25A9	AYC Telecom Ltd
 0050C25AA	Transenna AB
-0050C25AB	Pulizzi Engineering, Inc.
+0050C25AB	Eaton Corporation  Electrical Group  Data Center Solutions - Pulizzi
 0050C25AC	Kinemetrics, Inc.
 0050C25AD	Emcom Systems
 0050C25AE	CPS EUROPE B.V.
@@ -2052,7 +2052,7 @@
 0050C27F1	STUHL Regelsysteme GmbH
 0050C27F2	Logotherm Regelsysteme GmbH
 0050C27F3	SOREC
-0050C27F4	beyerdynamic GmbH & Co. KG
+0050C27F4	Wireless Cables Inc
 0050C27F5	ACE Carwash Systems
 0050C27F6	Saia-Burgess Controls AG
 0050C27F7	MangoDSP
@@ -2311,11 +2311,96 @@
 0050C28F4	Critical Link
 0050C28F5	tec5 AG
 0050C28F6	K-MAC Corp.
-0050C28F7	Certicom Corp.
+0050C28F7	TGE Co., Ltd.
 0050C28F8	RMSD LTD
 0050C28F9	Honeywell International
 0050C28FA	TELIUM s.c.
 0050C28FB	Alfred Kuhse GmbH
 0050C28FC	Symetrics Industries
 0050C28FD	Sindoma M�h Mim �n� Elk San Tic Ltd.
 0050C28FE	Cross Country Systems AB
+0050C28FF	Luceat Spa
+0050C2900	Magor Communications Corp
+0050C2901	Research Applications Incorp
+0050C2902	China Railway Signal & Communication Corp.
+0050C2903	EcoAxis Systems Pvt. Ltd.
+0050C2904	R2Sonic, LLC
+0050C2905	Link Communications, Inc
+0050C2906	Gidel
+0050C2907	Cristal Controles Ltee
+0050C2908	Codex Digital Ltd
+0050C2909	Elisra Electronic Systems
+0050C290A	Board Level Limited
+0050C290B	E.ON ES Sverige AB
+0050C290C	LSS GmbH
+0050C290D	EVK DI Kerschhaggl GmbH
+0050C290E	Phytec Messtechnik GmbH
+0050C290F	INTEGRA Biosciences AG
+0050C2910	Autotank AB
+0050C2911	Vapor Rail
+0050C2912	ASSET InterTech, Inc.
+0050C2913	Selex Sensors & Airborne Systems
+0050C2914	IO-Connect
+0050C2915	Verint Systems Ltd.
+0050C2916	CHK GridSense P/L
+0050C2917	CIRTEM
+0050C2918	Design Lightning Corp
+0050C2919	AHV Systems, Inc.
+0050C291A	Xtone Networks
+0050C291B	Embedded Data Systems, LLC
+0050C291C	MangoDSP
+0050C291D	Rosendahl Studiotechnik GmbH
+0050C291E	Automation Tec
+0050C291F	2NCOMM DESIGN SRL
+0050C2920	Rogue Engineering Inc.
+0050C2921	iQue RFID Technologies BV
+0050C2922	Metrum Sweden AB
+0050C2923	Amicus Wireless
+0050C2924	Link Electric & Safety Control Co.
+0050C2925	PHB Eletronica Ltda.
+0050C2926	DITEST FAHRZEUGDIAGNOSE GMBH
+0050C2927	ATIS group s.r.o.
+0050C2928	Cinetix GmbH
+0050C2929	Flight Deck Resources
+0050C292A	TOPEX SA
+0050C292B	DSP DESIGN
+0050C292C	Exatrol Corporation
+0050C292D	APProSoftware.com
+0050C292E	Goanna Technologies Pty Ltd
+0050C292F	Phytec Messtechnik GmbH
+0050C2930	NETA Elektronik AS
+0050C2931	Korea Telecom Internet Solutions (KTIS)
+0050C2932	SMAVIS Inc.
+0050C2933	Saia-Burgess Controls AG
+0050C2934	Xilar Corp.
+0050C2935	Image Video
+0050C2936	Margaritis Engineering
+0050C2937	BigBear
+0050C2938	Postec Data Systems Ltd
+0050C2939	Mosaic Dynamic Solutions
+0050C293A	ALPHATRONICS nv
+0050C293B	Reliatronics Inc.
+0050C293C	FractureCode Corporation
+0050C293D	Lighting Science Group Corporation
+0050C293E	RCS Communication Test Systems Ltd.
+0050C293F	TSB Solutions Inc.
+0050C2940	Phitek Systems Ltd.
+0050C2941	Rolbit
+0050C2942	Keith & Koep GmbH
+0050C2943	QuanZhou TDX Electronics Co., Ltd.
+0050C2944	Wireonair A/S
+0050C2945	Ex-i Flow Measurement Ltd.
+0050C2946	MEGWARE Computer GmbH
+0050C2947	IMEXHIGHWAY cvba
+0050C2948	ELECTRONIA
+0050C2949	taskit GmbH
+0050C294A	TRUMEDIA TECHNOLOGIES
+0050C294B	Piller engineering Ltd.
+0050C294C	TEMIX
+0050C294D	C&H technology  ltd.
+0050C294E	Zynix Original Sdn. Bhd.
+0050C294F	IT-Designers GmbH
+0050C2950	Tele and Radio Research Institute
+0050C2951	EL.C.A. soc. coop.
+0050C2952	Tech Fass s.r.o.
+0050C2953	EPEL Industrial