====================================================== N E M E S I S - TCP/IP Packet Injection [ChangeLog] ====-v1.4-============================================ 1.4 - New and improved nemesis - New in nemesis 1.4: nemesis-ethernet and nemesis-ip - Windows support (link-layer injection only) - Useful man pages - Single binary - Improved cross-platform support via GNU autotools - Easier to use - Nemesis will attempt to fill in as many details as possible in a packet, thus requiring fewer or even no command line switches. - Each protocol builder attempts to build a proper packet by default. - Organized code base - The network header structures in libnet proved useful so nemesis now uses them where appropriate. - Code is re-used wherever possible resulting in a much more concise code base. - Full payload functionality - Payloads can now contain NULLs within them and full-size packets are available on all supported platforms except Windows. - IP and TCP options support - All nemesis injectors (excluding ARP and Ethernet) now support IP options via -O . - All nemesis injectors using TCP as a transport protocol now support TCP options via -o . - Improved IP and TCP functionality - Full IP fragmentation support via new -F command line semantics. - ECN support in TCP with the addition of -fE (ECE) and -fC (CWR). Originally written by Mark Grimes , Nemesis became an extremely popular tool suite. With Mark wanting to move on to other projects, I nervously agreed to take over Nemesis development in June of 2001 and to somehow try to fill Mark's shoes. 1.32 - general fixes - Fixed if (verbose) bug that prevented libnet_get_hwaddr from being called if verbose == 0 - Fixed getopt() parsing to no longer use if (got_link) as optarg options weren't parsed properly if -d appeared anywhere but the beginning of the command line. - relocated some sanity checks - man page cleanup. (-b option doesn't exist) - changes to nemesis-arp - Added -h and -m switches to allow for changing the sender and target hardware addresses within the ARP frame independant of the Ethernet header. - Added Solaris style ARP requests (-s option) such that the target hardware address is set to ff:ff:ff:ff:ff:ff rather than 00:00:00:00:00:00 as it is in most implementations. This is merely a shortcut and users wishing to set the target address manually should use the -m switch. - ARP requests now default to having the target hardware address set to 00:00:00:00:00:00 rather than duplicating what's in enet_dst. - changes to nemesis-igmp - pull in accidental DoS protection from 1.31 ===== [versions previous to 1.31 were developed and maintaned by Mark Grimes ] ===== 1.31 - Error in printf output for arp request/reply Pulls Source MAC off card if undefined, prevents accidental DoS ;) 1.3 - RARP added (thanks to Jeff Nathan for pointing out Libnet had RARP support, while I have been busy unlibnetizing source code... Since some people wanted this feature...) RAW4ALL OpenBSD patch support added (inject nemesis packets as a normal user!) --- nemesis is such a bloody mess, this will be the last version of the old libnet-nemesis -- I SWEAR! --- (bar bugfixes) 1.2 - ICMP checksum fix patched (did not affect ICMP injection, but not proper) Makefile fixes (roll in the changes made in OpenBSD land) --- 2.0 branch started and under development --- 1.1 - Injection fixes - DNS (no frame on layer 2), ICMP (false reporting) New packet payload hex dumping algorithm created from scratch... many people rip tcpdump's hex dumping algorithm, which might be more robust, but this is 100% my OWN algorithm -- so if it totally sucks, please tell me and I will rip tcpdump's algorithm. I think it works nice and is considerably less code than the other flavors. ICMP man page update - ICMP types/codes notated, so you don't have to refer to the source. Payload fixes (NOTE: nemesis is only being maintained for bugfixes now. A next generation of the tool is currently being developed that will have a shell based interface rather than a command line. As future features are implemented, it will become readily apparent why this is being done.) 1.0 - Injection fix - non-payload packet wasn't injecting after changes made between 0.9.1 and 1.0pre1 releases 1.0pre1 - MANY bugfixes, packet stream loop tightening, Binary payload now does what it is supposed too ;) Socket fixes -- tested with large files 0.9.1 - b0rked the ethernet checksums patch, recoded and verified 0.9 - OSPF completed (5 additional packet types) autoconf adjustments to ease into obsd ports tree patches supplied by: 0.8 - autoconf style configuration misc cosmetic fixes 0.7 - addition of DNS protocol addition of IGMP protocol addition of RIP protocol finished layer 2 support for all completed protocols 0.666b - getopt() fixes to OSPF and ICMP misc cosmetic fixes 0.666a - initial public release ARP, ICMP, OSPF*, TCP, UDP implemented (* unfinished)