angst 0.4b review
DownloadAngst is an active sniffer, based on libpcap and libnet
|
|
Angst is an active sniffer, based on libpcap and libnet. Angst provides methods for aggressive sniffing on switched local area network environments. It dumps the payload of all the TCP packets received on the specified ports. Moreover, it implements methods for active sniffing. Angst currently provides two active sniffing methods. The first monitors ARP requests, and after enabling IP forwarding on the local host, sends ARP replies mapping all IPs to the local MAC address. The second method floods the local network with random MAC addresses (like macof v1.1 by Ian Vitek), causing switches to send packets to all ports. This is made just for testing purposes and fun. If you compile it on any other platform except the ones listed below, please contact me. As always, angst is published under a BSD-style license, see the included LICENSE file.
Angst has been thoroughly tested on the following platforms:
OpenBSD 2.8 (i386)
OpenBSD 2.7 (i386)
OpenBSD 2.6 (i386)
Also, angst is known to compile and run on:
FreeBSD 4.2-STABLE (i386)
NetBSD 1.4.2 (i386)
Slackware Linux 7.1, with 2.2.13 kernel (i386)
You must first build and install libpcap and libnet. BSD systems have libpcap installed by default. If you test it on any other platform except the ones mentioned, send me the diffs. It should be portable since it is based on libpcap and libnet.
If you run {Free,Net,Open}BSD simply type: make
If you run Linux type: make -f Makefile.linux
In order to compile with debug support, edit the Makefile that corresponds to your platform and remove the comment from -DDEBUG.
In order to install angst type: make install
This will install the angst binary to /usr/local/sbin and the angst manual page to /usr/local/man/man8.
To uninstall angst type: make uninstall
What's New in This Release:
Performed a lot of testing on all supported platforms.
Added the -d switch, useful when you want to enable IP forwarding yourself, and not let angst to do it for you.
Added the -e switch to specify other ports to monitor than the default ones.
Linux support, only tested on Slackware Linux 7.1.
Added a function for enabling IP forwarding on Linux, thanks to charon for
the feedback.
NetBSD support, only tested on 1.4.2.
FreeBSD support, only tested on 4.2-STABLE, thanks to sivitos for the shell account.
Added a warning output message when no active sniffing method is specified.
Added an install and uninstall option to the Makefile.
Created a man page.
angst 0.4b search tags