--- embedaddon/arping/README 2014/06/15 16:26:43 1.1.1.2 +++ embedaddon/arping/README 2021/03/16 23:40:57 1.1.1.4 @@ -10,7 +10,7 @@ arping/README Introduction ------------ -Arping is a util to find out it a specific IP address on the LAN is 'taken' +Arping is a util to find out if a specific IP address on the LAN is 'taken' and what MAC address owns it. Sure, you *could* just use 'ping' to find out if it's taken and even if the computer blocks ping (and everything else) you still get an entry in your ARP cache. But what if you aren't on a routable net? Or @@ -43,15 +43,15 @@ I try to test arping on these platforms before any rel * Latest Debian stable x86 and amd64 * Linux (Debian or Ubuntu) on arm * Latest OpenBSD x86 or amd64 -* FreeBSD x86 -* Solaris 10 sparc -I don't have these systems up and runnig 24/7, but I try to get them tested -every now and then: +Systems that it should still work on, but I don't personally regularly test: +* Debian Alpha +* FreeBSD +* IRIX 6.5 mips (last test 2009-09-27) * MacOS X -* Debian alpha +* NetBSD * OpenBSD sparc64 (last test: 2009-10-02) -* IRIX 6.5 mips (last test 2009-09-27) +* Solaris Mailing list ------------ @@ -122,18 +122,12 @@ A: -T allows you to restrict the arping to a --- Q: ./configure says I need libnet and/or libpcap -A: Arping depends on libnet 1.1.x and libpcap, get libnet at: - http://www.packetfactory.net/libnet and libpcap from http://www.tcpdump.org. +A: Arping depends on libnet 1.1 or newer, and libpcap. Get libnet from + https://github.com/libnet/libnet and libpcap from http://www.tcpdump.org. + Or more likely they were both included in your Linux distribution. - Lately www.packetfactory.net seems to be down, so you can get the original - tarball from the Debian archives: - http://ftp.debian.org/debian/pool/main/libn/libnet/libnet_1.1.4.orig.tar.gz - If that exact file doesn't exist there probably is one with a higher - version number. - - Or github.com: - http://github.com/sam-github/libnet - http://github.com/ThomasHabets/libnet + The original libnet site + was http://packetfactory.openwall.net/projects/libnet/, but is not updated. --- Q: I get bus error on my non-x86 box @@ -197,11 +191,10 @@ A: Be my guest, but if care about security *at all* yo That being said, on Linux you can add the CAP_NET_RAW capability to arping limiting the damage if arping were to be compromised: sudo setcap cap_net_raw+ep /usr/local/sbin/arping - This requires a libnet which does not explicitly check for uid 0. The - current version of libnet does check this, so unless you patch it it will - not help. + This requires a libnet 1.1.5 or higher, which does not explicitly check for + uid 0. - Patch: + For older versions of Libnet: http://github.com/ThomasHabets/libnet/commit/aaa383b5c816107082508b7646929a9479b81645 --- Q: What's this -A switch all about, I don't understand it.