2018-07-23 02:06 UTC

ID: 0004387
Project: Kali Linux
Category: [All Projects] New Tool Requests
View Status: public
Last Update: 2018-05-08 08:39
Reporter: j_jito
Assigned To:
Priority: normal
Severity: feature
Reproducibility: have not tried
Status: new
Resolution: open
Product Version:
Target Version:
Fixed in Version:
Summary: 0004387: Addrwatch - This is used to monitor network and log discovered ethernet/ip pairings.

Description:
Main features of addrwatch:

- IPv4 and IPv6 address monitoring
- Monitoring multiple network interfaces with one daemon
- Monitoring of VLAN tagged (802.1Q) packets.
- Output to stdout, plain text file, syslog, sqlite3 db, MySQL db
- IP address usage history preserving output/logging

Addrwatch is extremely useful in networks with IPv6 autoconfiguration (RFC4862) enabled. It allows tracking the IPv6 addresses of hosts that use IPv6 privacy extensions (RFC4941).

Addrwatch does not keep persistent network pairing state but instead logs all the events that allow ethernet/IP pairing discovery. For IPv4 these are ARP requests, ARP replies and ARP ACD (Address Conflict Detection) packets. For IPv6 it uses ICMPv6 Neighbor Discovery and Duplicate Address Detection (DAD) packets (Neighbor Solicitations, Neighbor Advertisements).

Steps To Reproduce:
git clone https://github.com/fln/addrwatch.git
cd addrwatch
./configure
make
make install
addrwatch --help

Additional Information:
libpcap, libevent, mysqlclient

apt-get install libpcap-dev libevent-dev default-libmysqlclient-dev
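
The description above says addrwatch logs pairing events rather than keeping state, so the pairing history has to be rebuilt from the log. The following is an added example, not part of the original report or of addrwatch itself, that rebuilds IP-to-MAC history and flags an IP claimed by more than one MAC on the same interface and VLAN. The six-field line layout, the event-type names and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict, namedtuple

Event = namedtuple("Event", "ts iface vlan mac ip kind")
# Constructed sample lines. Assumed record layout (not taken from this page):
# <unix_ts> <interface> <vlan_tag> <mac> <ip> <event_type>
SAMPLE_LOG = """\
1512472985 eth0 0 52:54:00:aa:00:02 192.0.2.20 ARP_REP
1512473100 eth0 0 52:54:00:aa:00:01 2001:db8::5c1f:9aff:fe00:1 ND_NS
1512473400 eth0 0 52:54:00:aa:00:01 2001:db8::91d2:77e4:1b0c:42 ND_DAD
1512473500 eth0 0 52:54:00:ff:00:99 192.0.2.20 ARP_REP
this line is malformed
1512473600 eth0 10 52:54:00:aa:00:03 192.0.2.20 ARP_ACD
"""

def parse_events(text):
    """Return well-formed events; lines that do not fit the layout are skipped."""
    events = []
    for line in text.splitlines():
        try:
            ts, iface, vlan, mac, ip, kind = line.split()
            ev = Event(int(ts), iface, int(vlan), mac.lower(), str(ipaddress.ip_address(ip)), kind)
        except ValueError:  # wrong field count, bad number or bad address
            continue
        events.append(ev)
    return events

def pairing_history(events):
    """Map (iface, vlan, ip) -> ordered runs of [first_seen, last_seen, mac]."""
    history = defaultdict(list)
    for ev in sorted(events, key=lambda e: e.ts):
        runs = history[(ev.iface, ev.vlan, ev.ip)]
        if runs and runs[-1][2] == ev.mac:
            runs[-1][1] = ev.ts          # same owner, extend the current run
        else:
            runs.append([ev.ts, ev.ts, ev.mac])
    return dict(history)

def mac_changes(history):
    """IPs claimed by more than one MAC on one segment (conflict or spoofing candidate)."""
    return {key: [run[2] for run in runs] for key, runs in history.items()
            if len({run[2] for run in runs}) > 1}

def addresses_by_mac(events):
    """Every address each MAC was seen with, e.g. rotating RFC 4941 privacy addresses."""
    seen = defaultdict(set)
    for ev in events:
        seen[ev.mac].add(ev.ip)
    return dict(seen)
```

The key includes the interface and VLAN tag, so the same IP seen on VLAN 10 is tracked separately and does not raise a false conflict.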
Attached Files

Notes

~0007702

dookie (administrator)

This works very well and would make a good addition to the distro.

~0008356

g0tmi1k (administrator)

To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will be for us):

- [Name] - The name of the tool
- [Version] - What version of the tool should be added?
--- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)
- [Homepage] - Where can the tool be found online? Where to go to get more information?
- [Download] - Where to go to get the tool?
- [Author] - Who made the tool?
- [Licence] - How is the software distributed? What conditions does it come with?
- [Description] - What is the tool about? What does it do?
- [Dependencies] - What is needed for the tool to work?
- [Similar tools] - What other tools are out there?
- [How to install] - How do you compile it?
- [How to use] - What are some basic commands/functions to demonstrate it?

Issue History
Date Modified Username Field Change
2017-12-05 11:23 j_jito New Issue
2017-12-15 23:00 dookie Note Added: 0007702
2018-01-29 14:38 g0tmi1k Note Added: 0008356
2018-02-21 09:35 g0tmi1k Product Version 2017.3 =>
2018-05-08 08:39 g0tmi1k Summary Addrwatch: This is used to monitor network and log discovered ethernet/ip pairings. => Addrwatch - This is used to monitor network and log discovered ethernet/ip pairings.