nemesis.sourceforge.net - Packet injection tool suite

ChangeLog
 
$Id: ChangeLog,v 1.7 2004/10/07 01:20:55 jnathan Exp $
======================================================
N E M E S I S  -  TCP/IP Packet Injection  [ChangeLog]
======================================================

0.666a  - initial public release
          ARP, ICMP, OSPF*, TCP, UDP implemented (* unfinished)

0.666b  - getopt() fixes to OSPF and ICMP
          misc cosmetic fixes

0.7     - addition of DNS protocol
          addition of IGMP protocol
          addition of RIP protocol
          finished layer 2 support for all completed protocols

0.8     - autoconf style configuration
          misc cosmetic fixes

0.9     - OSPF completed (5 additional packet types)
          autoconf adjustments to ease into obsd ports tree
          patches supplied by: <brad at comstyle dot com>

0.9.1   - b0rked the ethernet checksums patch, recoded and verified

1.0pre1 - MANY bugfixes, packet stream loop tightening, Binary payload
          now does what it is supposed too ;)
          Socket fixes -- tested with large files

1.0     - Injection fix - non-payload packet wasn't injecting after
          changes made between 0.9.1 and 1.0pre1 releases

1.1     - Injection fixes - DNS (no frame on layer 2), ICMP (false reporting)
          New packet payload hex dumping algorithm created from scratch...
          many people rip tcpdump's hex dumping algorithm, which might
          be more robust, but this is 100% my OWN algorithm -- so if
          it totally sucks, please tell me and I will rip tcpdump's
          algorithm.  I think it works nice and is considerably less code
          than the other flavors.
          ICMP man page update - ICMP types/codes notated, so you don't have
          to refer to the source.
          Payload fixes

          (NOTE: nemesis is only being maintained for bugfixes now.
          A next generation of the tool is currently being developed
          that will have a shell based interface rather than a command
          line.  As future features are implemented, it will become
          readily apparent why this is being done.)

--- 2.0 branch started and under development --- 

1.2     - ICMP checksum fix patched (did not affect ICMP injection, but not 
          proper)
          Makefile fixes (roll in the changes made in OpenBSD land)

1.3     - RARP added (thanks to Jeff Nathan <jeff at wwti dot com> for pointing
          out Libnet had RARP support, while I have been busy unlibnetizing 
          source code... Since some people wanted this feature...)
          RAW4ALL OpenBSD patch support added (inject nemesis packets as a 
          normal user!)
          --- nemesis is such a bloody mess, this will be the last version of 
          the old libnet-nemesis -- I SWEAR! --- (bar bugfixes)

1.31    - Error in printf output for arp request/reply
          Pulls Source MAC off card if undefined, prevents accidental DoS ;)

===== [versions previous to 1.31 were developed and maintaned by Mark Grimes
<mark at stateful dot net>] =====

Originally written by Mark Grimes <mark at stateful dot net>, Nemesis became an 
extremely popular tool suite. With Mark wanting to move on to other projects, 
I nervously agreed to take over Nemesis development in June of 2001 and to
somehow try to fill Mark's shoes. 

1.32    - general fixes
          - Fixed if (verbose) bug that prevented libnet_get_hwaddr from being
            called if verbose == 0
          - Fixed getopt() parsing to no longer use if (got_link) as optarg
            options weren't parsed properly if -d appeared anywhere but the 
            beginning of the command line.
          - relocated some sanity checks
          - man page cleanup. (-b option doesn't exist)

        - changes to nemesis-arp 
          - Added -h and -m switches to allow for changing the sender and 
	    target hardware addresses within the ARP frame independant of the 
            Ethernet header.
          - Added Solaris style ARP requests (-s option) such that the target 
            hardware address is set to ff:ff:ff:ff:ff:ff rather than 
            00:00:00:00:00:00 as it is in most implementations.  This is 
            merely a shortcut and users wishing to set the target address 
            manually should use the -m switch.
          - ARP requests now default to having the target hardware address
            set to 00:00:00:00:00:00 rather than duplicating what's in 
            enet_dst.

         - changes to nemesis-igmp
	   - pull in accidental DoS protection from 1.31

1.4     - New and improved nemesis
          - New in nemesis 1.4: nemesis-ethernet and nemesis-ip
          - Windows support (link-layer injection only)
          - Useful man pages
          - Single binary
          - Improved cross-platform support via GNU autotools

        - Easier to use
          - Nemesis will attempt to fill in as many details as possible 
            in a packet, thus requiring fewer or even no command line switches.
          - Each protocol builder attempts to build a proper packet by default.

        - Organized code base
          - The network header structures in libnet proved useful so nemesis
            now uses them where appropriate.
          - Code is re-used wherever possible resulting in a much more concise
            code base.

        - Full payload functionality
          - Payloads can now contain NULLs within them and full-size packets 
            are available on all supported platforms except Windows.

        - IP and TCP options support
          - All nemesis injectors (excluding ARP and Ethernet) now support IP 
            options via -O <IP options file>.
          - All nemesis injectors using TCP as a transport protocol now
            support TCP options via -o <TCP options file>.

        - Improved IP and TCP functionality
          - Full IP fragmentation support via new -F command line semantics.
          - ECN support in TCP with the addition of -fE (ECE) and -fC (CWR).

2003-09-10  Jeff Nathan  <jeff at snort dot org>

        * Switched to GNU ChangeLog format
        * incorporated man page diffs from nnposter@users.sourceforge.net
        * Moved printout functions into nemesis-printout.c
        * Moved file I/O functions to nemesis-fileio.c
        * Incorporated strlcpy and strlcat into source tree
        * Updated configure.in to use AC_REPLACE_FUNCS for locally included
          functions (strlcpy, strlcat, strspn, inet_aton)


2003-10-30  Jeff Nathan  <jeff at snort dot org>

        * Removed struct OptionsData and PayloadData in favor of FileData
        * Changed builddatafromfile() to accept a FileData *

2003-11-07  Jeff Nathan  <jeff at snort dot org>

        * nemesis-proto_ip.c:
          -    ip_meta_packetlen = ip_packetlen - (link_offet + LIBNET_IP_H);
          +    ip_meta_packetlen = ip_packetlen - (link_offset + LIBNET_IP_H);

        * added .cvsignore to CVS

2003-11-09  Jeff Nathan  <jeff at snort dot org>

        * added src/memcmp.c to satisfy automake dependency
        * debug fixes to configure.in
        * removed acconfig.h and replaced with AH_TOP macro in configre.in
        * updated aclocal.m4, missing, mkinstalldirs, configure, configure.in,
          config.guess, Makefile.in, man/Makefile.in and src/Makefile.in as
          part of autotools updates
        * minor man page cleanup

2004-03-06  Jeff Nathan  <jeff at snort dot org>
        * allow RIP routing domain value to be 0 with RIP2

2004-05-12  Jeff Nathan  <jeff at snort dot org>
        * correct mistakes in specifying payload sizes for ICMP and RIP

2004-10-06  Jeff Nathan  <jeff at snort dot org>
        * allow TCP packets to be sent without flags using -f-