Changeset 19

Show
Ignore:
Timestamp:
06/29/07 10:29:33 (1 year ago)
Author:
Karl Vollmer
Message:

updated changelog and readme and removed useless files

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • trunk/Changelog

    r10 r19  
    11# ********************************************************************* 
    22 RogueDetect ChangeLog 
     3 
     42007-06-27 Karl Vollmer <karl.vollmer@oregonstate.edu>  
     5        * Removed continuious mode due to known issues with it 
     6        * Fixed a serious logic issue that resulted in the roguedetect 
     7                having trouble detecting two dhcp offers that were within 
     8                1/10th of a second of each other 
     9        * Added a few more sanity checks to stop it and provide usefull 
     10                error information 
    311 
    4122006-12-08 Karl Vollmer <karl.vollmer@oregonstate.edu> 

  • trunk/README

    r10 r19  
    55DHCP Server Detection 
    66 
    7 The library and simple script included are made possible by  
    8 Oregon State University 
    9 Open Minds. Open Doors. Open Source. 
    10 http://oregonstate.edu 
    11  
    127Written by Alex Schumann for the OSU ResNet, fall 2003 
     8Maintained by Karl Vollmer for Oregon State University's ResNet, 2006 - Current 
    139 
    1410 
     
    4541* Single Scan mode (default) will send a single DHCPDISCOVER packet to the network 
    4642  and wait a configurable number of seconds for unauthorized servers. 
    47 * Continuous mode will continue to run, sending DHCPDISCOVER packets every <frequency> minutes, 
    48   sending out alerts etc. 
    49  
    50 Single Scan mode is good for running from the commandline periotically or from a cron script, while 
    51 Continuous mode is good for letting the detector run indefinately. 
    52  
    53 SYNTAX: 
    54 dhcpdetect.pl --continuous [--freq=x] [--iface=interface] [--nodaemon] [--debug=x]  
    55 OR 
    56 dhcpdetect.pl [--waitfor=x] [--iface=interface] [--debug=x] 
    57  
    58  
    59   --continuous          Cause the program to run in a loop, sending DHCPDISCOVER occationally 
    60                         and listning for replies 
    61   --nocontinuous        (default) Send only one DHCPDISCOVER and wait only long enough for 
    62                         a response. Then quit. (for commandline or crontab use) 
    63   --freq=x              In continuous mode only: how long between DHCPDISCOVER packets 
    64   --waitfor=x           In normal (non-continuous) mode only: how long to wait after 
    65                         sending a DHCPDISCOVER for replies. 
    66   --iface=interface     Network interface to use (eg eth0). Unfortunately only one 
    67                         can be done at a time (sorry) run multiple copies for now. 
    68   --daemon/--nodaemon   in continuous mode only: wether or not the program should 
    69                         fork and go into the background. Default is yes. 
    70   --debug=x             Debug level. 1-5 supported. 3 is good for info. higher levels 
    71                         give more information. 
    72  
    73  
    74 -- Bugs -- 
    75  
    76 * Continuous mode could have memory leaks. I havnt' checked (yet) 
    7743 
    7844-- Notes -- 
     
    9258Our resnet has 19 subnets, so I use a linux box with 19 aliased interfaces in  
    9359addition to its onboard network.In linux they are eth0, eth0.0132, eth0.0133, etc...  
    94 so I must run 19 copies of dhcpdetect.pl, one for each interface.  
     60We run dhcpdetect every 5 min on all 19 interfaces.  
    9561 
    9662If you have questions please contact us at 
    9763https://roguedetect.bountysource.com 
    98 Alex Schumann, Karl Vollmer 
     64RogueDetect project team 
    9965 
    10066Enjoy