-diff -uNr ettercap-0.6.4.orig/configure.in ettercap-0.6.4/configure.in
---- ettercap-0.6.4.orig/configure.in Mon Feb 11 22:28:37 2002
-+++ ettercap-0.6.4/configure.in Sat Feb 16 16:50:12 2002
-@@ -401,14 +401,14 @@
- ncurses_warn=0
- curses_warn=0
+--- configure.in~ Wed Apr 24 17:39:41 2002
++++ configure.in Wed Apr 24 18:08:37 2002
+@@ -445,7 +445,7 @@
+ ncurses_warn=0
+ curses_warn=0
-- AC_CHECK_HEADERS(ncurses.h,,ncurses_warn=1)
-+ AC_CHECK_HEADERS(ncurses/ncurses.h,,ncurses_warn=1)
- AC_CHECK_LIB(ncurses,newpad,,ncurses_warn=1)
+- AC_CHECK_HEADERS(ncurses.h,,ncurses_warn=1)
++ AC_CHECK_HEADERS(ncurses/ncurses.h,,ncurses_warn=1)
- if test $ncurses_warn -ne 1; then
- AC_DEFINE(HAVE_NCURSES,1)
- ac_cv_ec_ncurses=yes
- else
-- AC_CHECK_HEADERS(curses.h,,curses_warn=1)
-+ AC_CHECK_HEADERS(ncurses/curses.h,,curses_warn=1)
- AC_CHECK_LIB(curses,newpad,,curses_warn=1)
- AC_CHECK_LIB(curses,mvwgetnstr,,curses_warn=1)
+ if test $ncurses_warn -ne 1; then
+ AC_CHECK_LIB(ncurses,newpad,,ncurses_warn=2)
+@@ -454,7 +454,7 @@
+ ac_cv_ec_ncurses=yes
+ fi
+ else
+- AC_CHECK_HEADERS(curses.h,,curses_warn=1)
++ AC_CHECK_HEADERS(ncurses/curses.h,,curses_warn=1)
-@@ -426,7 +426,7 @@
- form_warn=0
-
- if test "$ncurses_warn$curses_warn" = "00"; then
-- AC_CHECK_HEADERS(form.h,,form_warn=1)
-+ AC_CHECK_HEADERS(ncurses/form.h,,form_warn=1)
- AC_CHECK_LIB(form,form_win,,form_warn=1)
-
- if test $form_warn -ne 1; then
-@@ -458,12 +458,12 @@
- ac_cv_ec_debug=yes
- ;;
- no) AC_MSG_RESULT(no.)
-- CFLAGS="-O3 -funroll-loops -fomit-frame-pointer -Wall"
-+ CFLAGS="${CFLAGS} -funroll-loops -fomit-frame-pointer -Wall"
- ac_cv_ec_debug=no
- ;;
+ if test $curses_warn -ne 1; then
+ AC_CHECK_LIB(curses,newpad,,curses_warn=2)
+@@ -575,12 +575,12 @@
+ ac_cv_ec_debug=yes
+ ;;
+ no) AC_MSG_RESULT(no.)
+- E_CFLAGS="-O3 -funroll-loops -fomit-frame-pointer -Wall"
++ E_CFLAGS="${CFLAGS} -funroll-loops -fomit-frame-pointer -Wall"
+ ac_cv_ec_debug=no
+ ;;
esac ],
- AC_MSG_RESULT(no. disabled by default.)
-- CFLAGS="-O3 -funroll-loops -fomit-frame-pointer -Wall"
-+ CFLAGS="${CFLAGS} -funroll-loops -fomit-frame-pointer -Wall"
- ac_cv_ec_debug=no
+ AC_MSG_RESULT(no. disabled by default.)
+- E_CFLAGS="-O3 -funroll-loops -fomit-frame-pointer -Wall"
++ E_CFLAGS="${CFLAGS} -funroll-loops -fomit-frame-pointer -Wall"
+ ac_cv_ec_debug=no
)
AC_SUBST(DEBUG)
-diff -uNr ettercap-0.6.4.orig/configure.in.orig ettercap-0.6.4/configure.in.orig
---- ettercap-0.6.4.orig/configure.in.orig Thu Jan 1 01:00:00 1970
-+++ ettercap-0.6.4/configure.in.orig Mon Feb 11 22:28:37 2002
-@@ -0,0 +1,675 @@
-+dnl
-+dnl ettercap -- configure script
-+dnl
-+dnl Copyright (C) 2001 ALoR <alor@users.sourceforge.net>, NaGA <crwm@freemail.it>
-+dnl
-+dnl This program is free software; you can redistribute it and/or modify
-+dnl it under the terms of the GNU General Public License as published by
-+dnl the Free Software Foundation; either version 2 of the License, or
-+dnl (at your option) any later version.
-+dnl
-+dnl This program is distributed in the hope that it will be useful,
-+dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
-+dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+dnl GNU General Public License for more details.
-+dnl
-+dnl You should have received a copy of the GNU General Public License
-+dnl along with this program; if not, write to the Free Software
-+dnl Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-+dnl
-+dnl $Id$
-+dnl
-+
-+AC_INIT(src/ec_main.c)
-+AC_CONFIG_HEADER(config.h)
-+
-+SB=`./shtool echo -n -e %B`
-+EB=`./shtool echo -n -e %b`
-+
-+AC_SUBST(SB)
-+AC_SUBST(EB)
-+
-+VERSION=`grep VERSION ./src/include/ec_main.h | cut -f2 -d"\""`
-+AC_SUBST(VERSION)
-+
-+PROG=`grep PROGRAM ./src/include/ec_main.h | cut -f2 -d"\""`
-+AC_SUBST(PROG)
-+
-+EC_MESSAGE(Configuring $PROG-$VERSION)
-+
-+SERIAL=`date +%Y%m%d`
-+AC_SUBST(SERIAL)
-+
-+RELEASE=1
-+AC_SUBST(RELEASE)
-+
-+SOURCES=`ls ./src/ec_*.c | awk ' { printf "%s ", $1 } '`
-+AC_SUBST(SOURCES)
-+
-+
-+dnl =========================================
-+dnl Enable Developmen feature or portings
-+dnl =========================================
-+
-+AC_ARG_ENABLE(devel, [ --enable-devel enable the undeveloped (alpha) features.],
-+[ case "$enableval" in
-+ yes)
-+ development=1
-+ ;;
-+ no)
-+ development=0
-+ ;;
-+esac ],
-+ development=0
-+)
-+
-+dnl ================
-+dnl Check the OS
-+dnl ================
-+
-+AC_CANONICAL_SYSTEM
-+case "$target_os" in
-+*linux*)
-+ EC_LINUX_KERNEL()
-+ OS=LINUX
-+ OS_OPT=
-+ ;;
-+*freebsd*)
-+ EC_FREEBSD_VERSION()
-+ OS=FREEBSD
-+ OS_OPT=
-+ ;;
-+*netbsd*)
-+ OS=NETBSD
-+ OS_OPT=
-+ ;;
-+*openbsd*)
-+ OS=OPENBSD
-+ OS_OPT=
-+ ;;
-+*darwin*)
-+ EC_DARWIN_KERNEL()
-+ OS=MACOSX
-+ OS_OPT=
-+ STRIPOPTION="-x"
-+ ;;
-+*cygwin*)
-+ if test $development -ne 1; then
-+ echo
-+ echo "CYGWIN PORTING IS IN PROGRESS..."
-+ echo "STAY TUNED FOR THE NEXT RELEASE"
-+ echo
-+ echo "you can try to compile and run it"
-+ echo "by configuring with the --enable-devel flag"
-+ echo "TRY AT YOUR OWN RISK"
-+ echo
-+ exit
-+ fi
-+ OS=CYGWIN
-+ OS_OPT=
-+ ;;
-+*solaris*)
-+ if test $development -ne 1; then
-+ echo
-+ echo "WE ARE VERY VERY SORRY, BUT STILL NO SOLARIS PORT"
-+ echo "WE ARE WORKING ON IT..."
-+ echo "IF YOU WANT TO CONTRIBUTE WITH PORTING:"
-+ echo "run ./configure --enable-devel "
-+ echo "and report bugs"
-+ echo
-+ exit
-+ fi
-+ OS=SOLARIS
-+ OS_OPT=
-+ ;;
-+*)
-+ echo
-+ echo "NOT A SUPPORTED SYSTEM / OR SYSTEM NOT RECOGNIZED"
-+ echo
-+ cat PORTINGS
-+ echo
-+ exit
-+ ;;
-+esac
-+
-+AC_SUBST(OS)
-+AC_SUBST(OS_OPT)
-+AC_SUBST(STRIPOPTION)
-+
-+dnl ======================
-+dnl Initialize prefix.
-+dnl ======================
-+
-+AC_PREFIX_DEFAULT(/usr/local)
-+
-+if test "$prefix" = "NONE"; then
-+ prefix="/usr/local"
-+fi
-+
-+
-+dnl ========================
-+dnl Check the C compiler
-+dnl ========================
-+
-+AC_PROG_CC
-+AC_PROG_INSTALL
-+AC_PROG_MAKE_SET
-+AC_PROG_GCC_TRADITIONAL
-+
-+dnl ======================
-+dnl Machine Endianness
-+dnl ======================
-+
-+AC_C_BIGENDIAN
-+
-+dnl ======================
-+dnl OS specific checks
-+dnl ======================
-+
-+
-+if test "$OS" = "LINUX"; then
-+
-+ dnl ===========================
-+ dnl Check for Socket Packet
-+ dnl ===========================
-+
-+ EC_PF_PACKET()
-+ EC_SOCK_PACKET()
-+
-+ if test "$ac_cv_ec_nopf" = 1 && test "$ac_cv_ec_nosock" = 1; then
-+ AC_MSG_WARN(*************************************);
-+ AC_MSG_WARN(* You can't create Socket Packet !! *);
-+ AC_MSG_WARN(*************************************);
-+ exit;
-+ fi
-+
-+ dnl ===========================================
-+ dnl Check for /proc/sys/net/ipv4/ip_forward
-+ dnl ===========================================
-+
-+ AC_PATH_PROGS(IPFORWARD,ip_forward,no,/proc/sys/net/ipv4)
-+ if test "$IPFORWARD" = no; then
-+ AC_MSG_WARN(*****************************************************************)
-+ AC_MSG_WARN(* /proc/sys/net/ipv4/ip_forward not found !! *)
-+ AC_MSG_WARN(* please disable manually ip_forwarding before running ettercap *)
-+ AC_MSG_WARN(*****************************************************************)
-+ else
-+ AC_DEFINE(HAVE_PROC_FORWARDING)
-+ fi
-+
-+fi
-+
-+
-+
-+if test "$OS" = "FREEBSD" -o "$OS" = "OPENBSD" -o "$OS" = "NETBSD" -o "$OS" = "MACOSX"; then
-+
-+ AC_MSG_CHECKING(link-layer packet interface)
-+
-+ if test -r /dev/bpf0 ; then
-+ AC_MSG_RESULT(found bpf)
-+ elif test -c /dev/bpf0 ; then
-+ AC_MSG_RESULT(found bpf)
-+ else
-+ AC_MSG_WARN(*********************************************************);
-+ AC_MSG_WARN(* /dev/bpf0 not found !! please reconfigure your kernel *);
-+ AC_MSG_WARN(*********************************************************);
-+ exit;
-+ fi
-+
-+fi
-+
-+
-+
-+if test "$OS" = "SOLARIS"; then
-+
-+ AC_CHECK_HEADERS(sys/bufmod.h sys/dlpi_ext.h)
-+ AC_MSG_CHECKING(for /dev/dlpi device)
-+ if test -c /dev/dlpi; then
-+ AC_MSG_RESULT(yes)
-+ AC_DEFINE(HAVE_DEV_DLPI)
-+ else
-+ AC_MSG_RESULT(no)
-+ dir="/dev/dlpi"
-+ AC_MSG_CHECKING(for $dir directory)
-+ if test -d $dir ; then
-+ AC_MSG_RESULT(yes)
-+ AC_DEFINE_UNQUOTED(DLPI_DEV_PREFIX, "$dir")
-+ else
-+ AC_MSG_RESULT(no)
-+ fi
-+ fi
-+
-+fi
-+
-+if test "$OS" = "CYGWIN"; then
-+
-+ AC_MSG_CHECKING(for WinPcap developer's pack)
-+ AC_ARG_WITH(wpdpack,
-+ [ --with-wpdpack=DIR use WinPcap developer's pack in DIR],
-+ [ AC_MSG_RESULT($withval)
-+ if test -f $withval/include/packet32.h -a -f $withval/lib/packet.a; then
-+ COPTS="$COPTS -I$withval/include"
-+ LIBS="$LIBS -L$withval/lib -lpacket -lws2_32"
-+ else
-+ AC_MSG_ERROR(packet32.h or packet.a not found in $withval)
-+ fi ],
-+ [ for dir in ${prefix} ${HOME}/WPdpack ; do
-+ if test -f ${dir}/include/packet32.h -a -f ${dir}/lib/packet.a; then
-+ COPTS="$COPTS -I${dir}/include"
-+ LIBS="$LIBS -L${dir}/lib -lpacket -lws2_32"
-+ have_pcap=yes
-+ break;
-+ fi
-+ done
-+ if test "$have_pcap" != yes; then
-+ AC_MSG_ERROR(WinPcap developer's pack not found)
-+ fi
-+ AC_MSG_RESULT(yes) ])
-+
-+fi
-+
-+dnl ===========================
-+dnl Check for programs path
-+dnl ===========================
-+
-+AC_PATH_PROG(WGET_PATH, "wget")
-+ if test -n "$WGET_PATH"; then
-+ AC_DEFINE_UNQUOTED(WGET_PATH, "$WGET_PATH")
-+ else
-+ AC_DEFINE_UNQUOTED(WGET_PATH, "")
-+ fi
-+
-+
-+dnl =====================
-+dnl Check for headers
-+dnl =====================
-+
-+AC_HEADER_STDC
-+AC_HEADER_DIRENT
-+AC_HEADER_TIME
-+AC_CHECK_HEADERS(getopt.h)
-+AC_CHECK_HEADERS(fcntl.h termios.h ctype.h)
-+AC_CHECK_HEADERS(sys/time.h sys/utsname.h)
-+AC_CHECK_HEADERS(ifaddrs.h)
-+
-+dnl These are required !!
-+AC_CHECK_HEADERS(unistd.h stdlib.h signal.h stdarg.h sys/ioctl.h,,
-+ AC_MSG_WARN(**************************************************);
-+ AC_MSG_WARN(* REQUIRED !! I cant believe U don't have this !!*);
-+ AC_MSG_WARN(**************************************************);
-+ exit)
-+
-+AC_CHECK_HEADERS(dirent.h errno.h,,
-+ AC_MSG_WARN(***************);
-+ AC_MSG_WARN(* REQUIRED !! *);
-+ AC_MSG_WARN(***************);
-+ exit)
-+
-+AC_CHECK_HEADERS(net/ethernet.h net/if_arp.h net/if.h)
-+AC_CHECK_HEADERS(netinet/ip.h netinet/ip_icmp.h netinet/tcp.h)
-+AC_CHECK_HEADERS(sys/sockio.h)
-+
-+
-+dnl ==================================================================
-+dnl Checks for typedefs, structures, and compiler characteristics.
-+dnl ==================================================================
-+
-+AC_STRUCT_TM
-+EC_SOCKLEN_CHECK
-+AC_TYPE_PID_T
-+AC_TYPE_SIZE_T
-+AC_C_CONST
-+AC_LBL_SOCKADDR_SA_LEN
-+AC_LBL_UNALIGNED_ACCESS
-+
-+dnl =====================
-+dnl Check for libs
-+dnl =====================
-+
-+AC_FUNC_MALLOC
-+AC_FUNC_MEMCMP
-+AC_TYPE_SIGNAL
-+AC_FUNC_VPRINTF
-+EC_PTHREAD_CHECK()
-+AC_SEARCH_LIBS(log,c m)
-+AC_SEARCH_LIBS(pow,c m)
-+AC_SEARCH_LIBS(gethostbyname,c nsl,,AC_MSG_ERROR(libnsl not found.))
-+AC_SEARCH_LIBS(socket,c socket,,AC_MSG_ERROR(libsocket not found.))
-+AC_SEARCH_LIBS(dn_expand,c resolv,,)
-+AC_CHECK_FUNCS(getifaddrs)
-+AC_CHECK_FUNCS(gettimeofday)
-+AC_CHECK_FUNCS(vsnprintf)
-+AC_CHECK_FUNCS(select strdup strerror strstr strsignal)
-+AC_CHECK_FUNCS(uname)
-+
-+
-+dnl ===============================
-+dnl Check for non standard libs
-+dnl ===============================
-+
-+MISSING=""
-+MISSLIBS=""
-+
-+AC_CHECK_FUNCS(getopt_long,,MISSING="$MISSING ./src/missing/getopt.c ./src/missing/getopt1.c"
-+ MISSLIBS="$MISSLIBS ./src/missing/getopt.o ./src/missing/getopt1.o")
-+AC_CHECK_FUNCS(strlcat,,MISSING="$MISSING ./src/missing/strlcat.c"
-+ MISSLIBS="$MISSLIBS ./src/missing/strlcat.o")
-+AC_CHECK_FUNCS(strlcpy,,MISSING="$MISSING ./src/missing/strlcpy.c"
-+ MISSLIBS="$MISSLIBS ./src/missing/strlcpy.o")
-+AC_CHECK_FUNCS(strsep,,MISSING="$MISSING ./src/missing/strsep.c"
-+ MISSLIBS="$MISSLIBS ./src/missing/strsep.o")
-+AC_CHECK_FUNCS(memmem,,MISSING="$MISSING ./src/missing/memmem.c"
-+ MISSLIBS="$MISSLIBS ./src/missing/memmem.o")
-+AC_CHECK_FUNCS(inet_aton,,MISSING="$MISSING ./src/missing/inet_aton.c"
-+ MISSLIBS="$MISSLIBS ./src/missing/inet_aton.o")
-+AC_CHECK_FUNCS(scandir,,MISSING="$MISSING ./src/missing/scandir.c"
-+ MISSLIBS="$MISSLIBS ./src/missing/scandir.o")
-+
-+AC_SUBST(MISSING)
-+AC_SUBST(MISSLIBS)
-+
-+
-+dnl =======================================
-+dnl Check user defined --enable-FEATURE
-+dnl =======================================
-+
-+EC_MESSAGE(Checking user defined options)
-+
-+dnl -----------------------
-+dnl -- NCURSES INTERFACE --
-+dnl -----------------------
-+
-+check_ncurses=0
-+AC_MSG_CHECKING([if --enable-ncurses option is specified])
-+AC_ARG_ENABLE(ncurses, [ --enable-ncurses enable the ncurses interface.],
-+[ case "$enableval" in
-+ yes)
-+ AC_MSG_RESULT(yes.)
-+ check_ncurses=1
-+ ;;
-+ no) AC_MSG_RESULT(no.)
-+ ;;
-+esac ],
-+ AC_MSG_RESULT(yes. enabled by default.)
-+ check_ncurses=1
-+)
-+
-+ac_cv_ec_ncurses=no
-+ac_cv_ec_form=no
-+
-+if test $check_ncurses -ne 0; then
-+ ncurses_warn=0
-+ curses_warn=0
-+
-+ AC_CHECK_HEADERS(ncurses.h,,ncurses_warn=1)
-+ AC_CHECK_LIB(ncurses,newpad,,ncurses_warn=1)
-+
-+ if test $ncurses_warn -ne 1; then
-+ AC_DEFINE(HAVE_NCURSES,1)
-+ ac_cv_ec_ncurses=yes
-+ else
-+ AC_CHECK_HEADERS(curses.h,,curses_warn=1)
-+ AC_CHECK_LIB(curses,newpad,,curses_warn=1)
-+ AC_CHECK_LIB(curses,mvwgetnstr,,curses_warn=1)
-+
-+ if test $curses_warn -ne 1; then
-+ AC_DEFINE(HAVE_NCURSES,1)
-+ ac_cv_ec_ncurses=yes
-+ else
-+ AC_MSG_WARN(***********************************************)
-+ AC_MSG_WARN(* NCURSES are NOT available in your system !! *)
-+ AC_MSG_WARN(* Interactive mode will not be supported! *)
-+ AC_MSG_WARN(***********************************************)
-+ fi
-+ fi
-+
-+ form_warn=0
-+
-+ if test "$ncurses_warn$curses_warn" = "00"; then
-+ AC_CHECK_HEADERS(form.h,,form_warn=1)
-+ AC_CHECK_LIB(form,form_win,,form_warn=1)
-+
-+ if test $form_warn -ne 1; then
-+ AC_DEFINE(HAVE_FORM,1)
-+ ac_cv_ec_form=yes
-+ else
-+ AC_MSG_WARN(**********************************************)
-+ AC_MSG_WARN(* FORM are NOT available in your system !! *)
-+ AC_MSG_WARN(* some interface will be less pleasureful... *)
-+ AC_MSG_WARN(**********************************************)
-+ fi
-+ fi
-+fi
-+
-+
-+
-+
-+dnl -----------
-+dnl -- DEBUG --
-+dnl -----------
-+
-+AC_MSG_CHECKING([if --enable-debug option is specified])
-+AC_ARG_ENABLE(debug, [ --enable-debug create a file for debugging messages.],
-+[ case "$enableval" in
-+ yes)
-+ DEBUG="-DDEBUG"
-+ CFLAGS="-g -ggdb -Wmissing-prototypes -Werror -Wall"
-+ AC_MSG_RESULT(yes)
-+ ac_cv_ec_debug=yes
-+ ;;
-+ no) AC_MSG_RESULT(no.)
-+ CFLAGS="-O3 -funroll-loops -fomit-frame-pointer -Wall"
-+ ac_cv_ec_debug=no
-+ ;;
-+esac ],
-+ AC_MSG_RESULT(no. disabled by default.)
-+ CFLAGS="-O3 -funroll-loops -fomit-frame-pointer -Wall"
-+ ac_cv_ec_debug=no
-+)
-+AC_SUBST(DEBUG)
-+
-+dnl -------------
-+dnl -- PLUGINS --
-+dnl -------------
-+
-+check_plugins=0
-+AC_MSG_CHECKING([if --enable-plugins option is specified])
-+AC_ARG_ENABLE(plugins, [ --enable-plugins enable the use of plugins in ettercap.],
-+[ case "$enableval" in
-+ yes)
-+ AC_MSG_RESULT(yes.)
-+ check_plugins=1
-+ ;;
-+ no) AC_MSG_RESULT(no.)
-+ ac_cv_ec_plugin=no
-+ ;;
-+esac ],
-+ AC_MSG_RESULT(yes. enabled by default.)
-+ check_plugins=1
-+)
-+
-+
-+if test $check_plugins -ne 0; then
-+ plugins_warn=0
-+ AC_CHECK_HEADERS(dlfcn.h,,plugins_warn=1)
-+ AC_SEARCH_LIBS(dlopen, dl c,,plugins_warn=1)
-+
-+ if test $plugins_warn -ne 1; then
-+ AC_DEFINE(PERMIT_PLUGINS,1)
-+ ac_cv_ec_plugin=yes
-+ AC_MSG_CHECKING([for gcc option to produce PIC])
-+ if test "$OS" = "MACOSX"; then
-+ PICFLAG="-bundle -undefined $ac_cv_ec_undefined -bundle_loader ../../ettercap"
-+ elif test "$OS" = "SOLARIS"; then
-+ PICFLAG="-fPIC -DPIC -shared"
-+ elif test "$OS" = "CYGWIN"; then
-+ PICFLAG="-DPIC -shared"
-+ else
-+ LIBS="$LIBS -rdynamic"
-+ PICFLAG="-fPIC -DPIC -shared"
-+ fi
-+ AC_MSG_RESULT($PICFLAG)
-+ AC_SUBST(PICFLAG)
-+ else
-+ AC_MSG_WARN(***********************************************)
-+ AC_MSG_WARN(* Plugins are NOT supported by your system !! *)
-+ if test "$OS" = "MACOSX"; then
-+ AC_MSG_WARN(* *)
-+ AC_MSG_WARN(* You have to install the dlcompat library... *)
-+ fi
-+ AC_MSG_WARN(***********************************************)
-+ ac_cv_ec_plugin=no
-+ fi
-+fi
-+
-+
-+dnl ---------
-+dnl -- SSH --
-+dnl ---------
-+
-+check_ssh=0
-+AC_ARG_WITH(openssl, [ --with-openssl=DIR use OpenSSL in DIR],
-+[ case "$withval" in
-+ no)
-+ AC_MSG_CHECKING(for OpenSSL)
-+ AC_MSG_RESULT(no)
-+ ac_cv_ec_ssh=no
-+ ;;
-+ *)
-+ AC_MSG_CHECKING(for OpenSSL in $withval)
-+ check_ssh=1
-+ ssl_path=$withval
-+ ;;
-+ esac ],
-+ [ AC_MSG_CHECKING(for OpenSSL in ${prefix})
-+ check_ssh=1
-+ ssl_path=${prefix}
-+ ]
-+)
-+
-+
-+if test $check_ssh -ne 0; then
-+
-+ if test -f $ssl_path/include/openssl/ssl.h; then
-+ COPTS="$COPTS -I$ssl_path/include"
-+ LIBS="$LIBS -L$ssl_path/lib -lssl -lcrypto"
-+ AC_DEFINE(HAVE_OPENSSL,1)
-+ ac_cv_ec_ssh=yes
-+ AC_MSG_RESULT(yes)
-+ elif test -f $ssl_path/ssl/include/openssl/ssl.h; then
-+ COPTS="$COPTS -I$ssl_path/ssl/include"
-+ LIBS="$LIBS -L$ssl_path/ssl/lib -lssl -lcrypto"
-+ AC_DEFINE(HAVE_OPENSSL,1)
-+ ac_cv_ec_ssh=yes
-+ AC_MSG_RESULT(yes)
-+ elif test -f /usr/include/openssl/ssl.h; then
-+ LIBS="$LIBS -lssl -lcrypto"
-+ AC_DEFINE(HAVE_OPENSSL,1)
-+ ac_cv_ec_ssh=yes
-+ AC_MSG_RESULT(yes)
-+ else
-+ AC_MSG_RESULT(no)
-+ ac_cv_ec_ssh=no
-+ AC_MSG_WARN(**********************************************)
-+ AC_MSG_WARN(* OpenSSL is NOT installed in your system !! *)
-+ AC_MSG_WARN(* SSH support will NOT be available... *)
-+ AC_MSG_WARN(**********************************************)
-+ fi
-+
-+ AC_PATH_PROG(OPENSSL_PATH, "openssl",, "$PATH:/usr/local/ssl/bin")
-+ if test -n "$OPENSSL_PATH"; then
-+ AC_DEFINE_UNQUOTED(OPENSSL_PATH, "$OPENSSL_PATH")
-+ else
-+ AC_DEFINE_UNQUOTED(OPENSSL_PATH, "")
-+ fi
-+
-+fi
-+
-+
-+dnl -----------
-+dnl -- HTTTS --
-+dnl -----------
-+
-+AC_MSG_CHECKING([if --enable-https option is specified])
-+AC_ARG_ENABLE(https, [ --enable-https permit https dissection (invasive).],
-+[ case "$enableval" in
-+ yes)
-+ if test "$OS" = "MACOSX" -o "$OS" = "SOLARIS" -o "$OS" = "CYGWIN"; then
-+ AC_MSG_RESULT(NOT available on this OS)
-+ ac_cv_ec_https=no
-+ else
-+ AC_DEFINE(PERMIT_HTTPS,1)
-+ AC_MSG_RESULT(yes)
-+ ac_cv_ec_https=yes
-+ fi
-+ ;;
-+ no) AC_MSG_RESULT(no)
-+ ac_cv_ec_https=no
-+ ;;
-+ esac ],
-+ if test "$OS" = "MACOSX" -o "$OS" = "SOLARIS" -o "$OS" = "CYGWIN"; then
-+ AC_MSG_RESULT(NOT available on this OS)
-+ ac_cv_ec_https=no
-+ elif test "$OS" = "OPENBSD" -o "$OS" = "FREEBSD" -o "$OS" = "NETBSD"; then
-+ AC_MSG_RESULT(no.)
-+ ac_cv_ec_https=no
-+ AC_MSG_WARN(***************************************************)
-+ AC_MSG_WARN(* HTTPS dissection in in ALPHA state under BSD... *)
-+ AC_MSG_WARN(* I discourage you to enable it. *)
-+ AC_MSG_WARN(* But if you want use at your own risk *)
-+ AC_MSG_WARN(***************************************************)
-+ else
-+ AC_MSG_RESULT(yes. enabled by default.)
-+ AC_DEFINE(PERMIT_HTTPS,1)
-+ ac_cv_ec_https=yes
-+ fi
-+
-+)
-+
-+
-+dnl ===============
-+dnl FINISHED !!
-+dnl ===============
-+
-+AC_SUBST(COPTS)
-+
-+EC_MESSAGE(Writing output files)
-+
-+PLUGINS=`ls ./plugins | grep -v -E "Make|CVS" | awk ' { printf "%s ", $1 } '`
-+AC_SUBST(PLUGINS)
-+
-+makeplug=`ls ./plugins | grep -v -E "Make|CVS" | awk '{ printf("plugins/%s/Makefile ", $1) }'`
-+
-+AC_OUTPUT(ettercap.spec ettercap.8 Makefile $makeplug plugins/Makefile)
-+
-+
-+dnl ===============
-+dnl THE SUMMARY
-+dnl ===============
-+
-+
-+EC_MESSAGE(Ettercap has been configured as follow)
-+
-+echo "=================================================="
-+echo
-+ EC_CHECK_OPTION(" Install directory: ",${prefix})
-+echo
-+echo
-+ EC_CHECK_OPTION(" DEBUG mode ....... ",${ac_cv_ec_debug})
-+ EC_CHECK_OPTION(" NCURSES support .. ",${ac_cv_ec_ncurses})
-+ EC_CHECK_OPTION(" FORM support ..... ",${ac_cv_ec_form})
-+ EC_CHECK_OPTION(" PLUGIN support ... ",${ac_cv_ec_plugin})
-+ EC_CHECK_OPTION(" SSH support ...... ",${ac_cv_ec_ssh})
-+ EC_CHECK_OPTION(" HTTPS support .... ",${ac_cv_ec_https})
-+echo
-+echo "=================================================="
-+echo
-+echo
-+echo For a list of all possible make processes, type \`${SB}make help${EB}\`
-+echo
-+echo
-+
-+
-+
-+EC_CHECK_DATE()
-+
-diff -uNr ettercap-0.6.4.orig/ettercap.8 ettercap-0.6.4/ettercap.8
---- ettercap-0.6.4.orig/ettercap.8 Thu Jan 1 01:00:00 1970
-+++ ettercap-0.6.4/ettercap.8 Sat Feb 16 16:50:12 2002
-@@ -0,0 +1,552 @@
-+.\" ettercap -- a ncurses-based sniffer/interceptor utility for switched LAN
-+.\"
-+.\" Copyright (C) 2001 ALoR <alor@users.sourceforge.net>, NaGA <crwm@freemail.it>
-+.\"
-+.\" This program is free software; you can redistribute it and/or modify
-+.\" it under the terms of the GNU General Public License as published by
-+.\" the Free Software Foundation; either version 2 of the License, or
-+.\" (at your option) any later version.
-+.\"
-+.\" This program is distributed in the hope that it will be useful,
-+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
-+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+.\" GNU General Public License for more details.
-+.\"
-+.\" You should have received a copy of the GNU General Public License
-+.\" along with this program; if not, write to the Free Software
-+.\" Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-+.de Sp
-+.if n .sp
-+.if t .sp 0.4
-+..
-+.TH ETTERCAP "8" "20010906" "ettercap 0.5.4"
-+.SH NAME
-+.B ettercap 0.5.4 \- A multipurpose sniffer over switched LANs
-+
-+.SH SYNOPSIS
-+.B ettercap
-+[\fIOPTIONS\fR] [\fIHOST:PORT\fR] [\fIHOST:PORT\fR] [\fIMAC\fR] [\fIMAC\fR]
-+
-+.SH DESCRIPTION
-+Ettercap was born as a sniffer for switched LAN (and obviously even "hubbed" one),
-+but during the development process it has gained more and more feature that have
-+changed it to a powerful and flexible tool for man-in-the-middle attacks.
-+It supports active and passive dissection of many protocols (even ciphered ones)
-+and includes many feature for network and host analysis (such as OS fingerprint).
-+.PP
-+It has five sniffing methods:
-+.br
-++ IPBASED, the packets are filtered matching IP:PORT source and IP:PORT dest
-+.br
-++ MACBASED, packets filtered matching the source and dest MAC address. (useful
-+to sniff connections through gateway)
-+.br
-++ ARPBASED, uses arp poisoning to sniff in switched LAN between two hosts
-+(full-duplex m-i-t-m).
-+.br
-++ SMARTARP, uses arp poisoning to sniff in switched LAN from a victim host to all other
-+hosts knowing the entire list of the hosts (full-duplex m-i-t-m).
-+.br
-++ PUBLICARP, uses arp poison to sniff in switched LAN from a victim host to all other
-+hosts (half-duplex).
-+.br
-+With this method the ARP replies are sent in broadcast, but if ettercap has the complete
-+host list (on start up it has scanned the LAN) SMARTARP method is automatically selected,
-+and the arp replies are sent to all the hosts but the victim, avoiding conflicting MAC
-+addresses as reported by win2K.
-+.PP
-+The most relevant ettercap features are:
-+.PP
-+.B Characters injection in an established connection :
-+you can inject character to server (emulating commands) or to client (emulating replies)
-+maintaining the connection alive !!
-+.PP
-+.B SSH1 support :
-+you can sniff User and Pass, and even the data of an SSH1 connection. ettercap is the
-+first software capable to sniff an SSH connection in FULL-DUPLEX
-+.PP
-+.B HTTPS support :
-+you can sniff http SSL secured data... and even if the connection is made through a PROXY
-+.PP
-+.B Plug-ins support :
-+You can create your own plugin using the ettercap's API.
-+.PP
-+.B Password collector for :
-+TELNET, FTP, POP, RLOGIN, SSH1, ICQ, SMB, MySQL, HTTP, NNTP, X11, NAPSTER, IRC, RIP, BGP,
-+SOCKS 5, IMAP 4, VNC (other protocols coming soon...)
-+.PP
-+.B Packet filtering/dropping:
-+You can set up a filter chain that search for a particular string (even hex) in the TCP
-+or UDP payload and replace it with yours or drop the entire packet.
-+.PP
-+.B OS fingerprint:
-+you can fingerprint the OS of the victim host and even its network adapter (it uses the
-+nmap (c) Fyodor database)
-+.PP
-+.B Kill a connection:
-+from the connections list you can kill all the connections you want
-+.PP
-+.B Packet factory:
-+You can create and sent packet forged on the fly. The factory let you to forge from Ethernet
-+header to application level.
-+
-+.PP
-+.SH OPTIONS
-+Options that make sense together can generally be combined. ettercap will warn the user
-+about unsupported option combinations.
-+.TP
-+.B SNIFFING METHODS
-+.TP
-+\fB\-a\fR, \fB\-\-arpsniff\fR
-+ARP BASED sniffing
-+.br
-+This is THE sniffing method for switched LAN, and if you want to use the man-in-the-middle
-+technique you have to use it. In conjunction with the silent mode (-z option) you must
-+specify two IP and two MAC for ARPBASED (full-duplex) or one IP and one MAC for PUBLICARP
-+(half-duplex). in PUBLICARP the ARP replies are sent in broadcast, but if ettercap has
-+the complete host list (on start up it has scanned the LAN) SMARTARP method is automatically
-+selected, and the arp replies are sent to all the hosts but the victim, and an hash table
-+is created to re-route back the packet form victim to client obtaining in this way a full-duplex
-+man in the middle attack.
-+.br
-+Filters that have as action a replacement or a drop, can be used only with ARPBASED
-+sniffing because it is necessary to re-adjust the sequence number in full-duplex in order
-+to maintain the connection alive.
-+.TP
-+\fB\-s\fR, \fB\-\-sniff\fR
-+IP BASED sniffing
-+.br
-+This is the good old style sniffing method. It rocks on "hubbed" LAN, but useless on switched
-+ones. You can choose the target specifying only source, only dest, with or without port, or
-+nothing (to sniff all connections). A special ip "ANY" means from or to every host.
-+.TP
-+\fB\-m\fR, \fB\-\-macsniff\fR
-+MAC BASED sniffing (you must select two host for this)
-+.br
-+Very useful to sniff TCP traffic with remote hosts. On hubbed LANs if you want to sniff a
-+connection through a gateway is useless to specify the victim's ip and the gateway's ip,
-+because the packet are for an external host, not for the gateway. So you can use this method.
-+Simply specify the victim's MAC and the gateway's MAC and you will see all the connections
-+from and to the Internet.
-+
-+
-+.TP
-+.B GENERAL OPTIONS
-+.TP
-+\fB\-N\fR, \fB\-\-simple\fR
-+NON interactive mode (without ncurses)
-+.br
-+This method is useful if you want to launch ettercap from a script or if you already
-+know some informations of your target or if you want to launch ettercap in background
-+collecting data or password for you (in combination with the --quiet option).
-+.br
-+Some features are not available in this method, obviously the ones which requires
-+interaction with the user, such as characters injection. But others (for example filtering)
-+are fully supported, so you can set up ettercap to poison two host (a victim and its gateway)
-+and to filter all its connection on the port 80 and replace some string with others,
-+all its traffic to the Internet will be changed as you wish.
-+.TP
-+\fB\-z\fR, \fB\-\-silent\fR
-+start in silent mode (no arp storm on start up)
-+.br
-+If you want to launch ettercap with a non invasive method (some NIDS may raise a warn
-+if they detects too much arp request). You have to know all the requested data of the
-+target in order to use this options. For example if you want to poison two host, you need
-+the two IP and the two MAC addresses of the victims.
-+If you select ipsniff or macsniff this method is automatically selected, because you don't
-+need to know the list of the host in the LAN.
-+.br
-+To know the entire list of the hosts use "ettercap -Nl", but remember that it is a invasive
-+method.
-+.TP
-+\fB\-b\fR, \fB\-\-broadping\fR
-+use a broadcast ping instead of arp storm on start up.
-+.br
-+this method is less intrusive, but even less accurate. some hosts will not respond at the
-+broadcast ping (es. Windows) so they remain invisible to this method. Useful if you want to
-+scan a LAN with Linux hosts. As usual you can combine this option with --list to have a
-+list of the hosts "ettercap -Nlb"
-+.TP
-+\fB\-D\fR, \fB\-\-delay <n sec>\fR
-+the delay in seconds between the arp replies if you have selected an ARP poison sniffing
-+method. This is useful if you want to be less aggressive in the poisoning. On many OS the
-+default validity interval of the arp cache is more than a minute (on FreeBSD is 1200 sec).
-+.br
-+The default delay value is 30 sec.
-+.TP
-+\fB\-Z\fR, \fB\-\-stormdelay <n usec>\fR
-+the delay in micro-seconds between the arp request on arp storm at start up.
-+This is useful if you want to be less aggressive in the scanning. Many IDS will report
-+massive arp request, but if you send them in a slower rate, they will not report any strange
-+behavior.
-+.br
-+The default delay value is 1500 usec.
-+.TP
-+\fB\-S\fR, \fB\-\-spoof <IP>\fR
-+If you want to elude some IDS, you can specify a spoofed IP used to scan the LAN with
-+arp request. The source MAC can't be spoofed because a well configured switch will block
-+your request.
-+.TP
-+\fB\-H\fR, \fB\-\-hosts <IP1[,IP2][,IP3][,...]>\fR
-+on start up, scan only these hosts.
-+.br
-+this is useful if you want to use an ARP scanning of the LAN but only on certain IPs.
-+so you can benefit from a ARP scan but remaining less invasive.
-+Useful even if you want to do PUBLIC ARP but you want to poison only specific hosts.
-+since with a list PUBLIC ARP is automatically converted to SMARTARP, only these host
-+will be poisoned and you can leave untouched the arp caches of the other hosts.
-+.br
-+the IP list must be in dotted notation and separated by comma (without black spaces
-+between them), you can use wildcards.
-+.br
-+eg: 192.168.0.2? --> from 20 to 29
-+.br
-+ 192.168.0.1* --> host 1, from 10 to 19 and from 100 to 199
-+.TP
-+\fB\-d\fR, \fB\-\-dontresolve\fR
-+don't resolve IPs on start up. this is useful if you experience an insane "Resolving
-+n hostnames..." message on start up. This is due to a very slow DNS in your environment.
-+.TP
-+\fB\-i\fR, \fB\-\-iface <IFACE>\fR
-+network interface to be used for all the operation. you can even specify network aliases
-+in order to scan a subnet with different ip form your current one.
-+.TP
-+\fB\-n\fR, \fB\-\-netmask <NETMASK>\fR
-+the netmask used to scan the LAN. (in dotted notation). the default is your current
-+ifconfig netmask. but your netmask is for example 255.255.0.0 I encourage you to specify
-+a more restrictive one, if you managed to do an ARP scanning on start up.
-+.TP
-+\fB\-e\fR, \fB\-\-etterconf <FILENAME>\fR
-+use the config file instead of command line options
-+.br
-+etter.conf example file is packaged in the tarball, refer to it to know how to write a
-+config file. all the instruction are written in this example. via the conf file you
-+can disable selectively one protocol dissector or move it on one other port.
-+.br
-+command line options and config file can be mixed for much flexibility, but remember
-+that the options in the config file override the command line, so if in etter.conf
-+you have specified IFACE: eth0, and you launch "ettercap -i eth1 -e etter.conf"
-+the selected iface will be eth0.
-+.br
-+NOTE: the "-e etter.conf" options has to be specified after all other options.
-+.TP
-+\fB\-v\fR, \fB\-\-version\fR
-+check for the latest ettercap version.
-+.br
-+All operation are under your control. Every step requires a user confirmation.
-+With this option ettercap will connect to the http://ettercap.sourceforge.net:80 web
-+side and ask for the page /latest.php. then the result are parsed and compared with
-+your current version. If there is a newer version available, ettercap will ask you if
-+you want to wget it. (wget must be in the path).
-+.br
-+If you want to automatically answer yes at all the question add the option -y
-+.TP
-+\fB\-h\fR, \fB\-\-help\fR
-+prints the help screen with a short summary of the available options.
-+
-+
-+
-+.TP
-+.B SILENT MODE OPTIONS (only combined with -N)
-+.TP
-+\fB\-u\fR, \fB\-\-udp\fR
-+sniff only UDP packets (default is TCP).
-+This option is only useful in "simple" mode, if you start ettercap in interactive mode
-+both TCP and UDP are sniffed.
-+.TP
-+\fB\-R\fR, \fB\-\-reverse\fR
-+sniff all the connection but the selected one. This option is useful if you are using
-+ettercap on a remote machine and you want to sniff all the traffic but you connection from
-+local to remote, because including it will sniff even the ettercap output and it will be
-+screwed up...
-+.TP
-+\fB\-p\fR, \fB\-\-plugin <NAME>\fR
-+run the plugin "NAME".
-+.br
-+most plugins need a destination host. simply specify it after plugin name, in fact
-+hosts are parsed on command line as first the DEST and so the SOURCE.
-+.br
-+To have a list of the available plugins use "list" (without quotes) as plugin name.
-+.br
-+More detailed info about plugins and about how to write your own are found in the
-+README.PLUGINS file.
-+.Sp
-+Currently these plugins are shipped with the official distro:
-+.Sp
-+ arpcop -- Report suspicious ARP replies (developed by acelent)
-+.br
-+ banshee -- They kill without discretion...
-+.br
-+ dummy -- Dummy plugin. It does nothing ! (only a template)
-+.br
-+ golem -- nice D.O.S. BE CAREFUL !!
-+.br
-+ leech -- Isolate a host from the LAN
-+.br
-+ lurker -- try to search for other ettercap
-+.br
-+ imp -- Retrieves some Windows names
-+.br
-+ ooze -- Ping a host
-+.br
-+ phantom -- Sniff/Spoof DNS requests
-+.br
-+ shadow -- A very simple SYN/TCP port scanner
-+.br
-+ spectre -- flood a switched LAN with random MAC addresses
-+.br
-+ triton -- Try to discover the LAN's gateway
-+.TP
-+\fB\-l\fR, \fB\-\-list\fR
-+lists all the hosts in the LAN, reporting each MAC address.
-+.br
-+Commonly combined options are -b (for broadcast ping) and -d (don't resolve hostname).
-+.TP
-+\fB\-C\fR, \fB\-\-collect\fR
-+collect all users and password from the hosts specified on command line.
-+.br
-+Password collector are configured in the config file (etter.conf), if you want
-+you can disable them selectively or move them on other port. This is useful if you
-+don't want to sniff SSH connection (the key change alert will raise suspects) but
-+want to sniff all other supported protocols. Or even if you know that a host has the
-+telnet service on port 4567, simply move the telnet dissector on 4567/tcp
-+.TP
-+\fB\-f\fR, \fB\-\-fingerprint <HOST>\fR
-+do OS fingerprinting on HOST.
-+.br
-+This option uses the same database and the same method used by
-+.I nmap (c) Fyodor <fyodor@insecure.org>
-+so I report a piece of its man page :
-+.Sp
-+This option activates remote host identification via TCP/IP fingerprinting. In other
-+words, it uses a bunch of techniques to detect subtleties in the underlying operating
-+system network stack of the computers you are scanning. It uses this information to
-+create a 'fingerprint' which it compares with its database of known OS fingerprints
-+(the nmap-os-fingerprints file) to decide what type of system you are scanning.
-+.Sp
-+the -f options even provides you the vendor of the network adapter of the scanned host.
-+the info are stored in the mac-fingerprints database.
-+.TP
-+\fB\-x\fR, \fB\-\-hexview\fR
-+to dump data in hex mode.
-+.br
-+TIP: while sniffing you can change the visualization mode by hitting 'a' for ascii or 'x' for hex.
-+on line help is recalled by 'h'.
-+.TP
-+\fB\-L\fR, \fB\-\-logtofile\fR
-+if used alone logs all data to specific file(s). it crates a separate file for each connection
-+in the form "YYYYMMDD-P-IP:PORT-IP:PORT.log"
-+.br
-+if used with -C (collector) it creates a file with all the password sniffed in the session in
-+the form "YYYYMMDD-collected-pass.log"
-+.TP
-+\fB\-q\fR, \fB\-\-quiet\fR
-+"demonize" ettercap.
-+.br
-+useful if you want to log all data in background. this options will detach
-+ettercap from the current tty and set it as a demon collecting data to files. it must be
-+combined with -NL (or -NLC) otherwise it has no effects. Obviously the sniffing method
-+is required, so you have to combine it with this option.
-+.TP
-+\fB\-k\fR, \fB\-\-newcert\fR
-+create a new cert file for HTTPS man-in-the-middle.
-+.br
-+useful if you want to create a certfile with social engineered information...
-+.br
-+the new file is created in the current working directory. to permanently substitute the
-+default cert file (etter.sll.crt) you have to overwrite /usr/share/ettercap/etter.ssl.crt
-+.TP
-+\fB\-F\fR, \fB\-\-filter <FILENAME>\fR
-+load the filters chains from FILENAME
-+.br
-+the Filtering chains file is written in pseudo XML format. You can write by hand this
-+file or (better) use the ncurses interface to let ettercap create it (press 'F' in the
-+connection list interface). If you are skilled in XML parsing, you can write your own
-+program to make a filter chain file.
-+.Sp
-+the rules are simple:
-+.Sp
-+If the proto <proto> AND the source port <source> AND the dest port <dest> AND the payload <search>
-+match the rules, after the filter as done its action <action>, it jumps in the chain
-+to the filter id specified in the <goto> field, else it jumps to <elsegoto>.
-+If these field are left blank the chain is interrupted. Source and dest port equal to
-+0 (zero) means ANY port. You can use wildcards in the search string (see README for detail)
-+.Sp
-+NOTE: with this options filter are enabled by default, if you want to
-+disable them on the fly, press "S" (for source) or "D" (for dest) while sniffing
-+.Sp
-+NOTE: on command line the hosts are parsed as "ettercap -F etter.filter DEST SOURCE", so
-+the first host is bound to the dest chain and the second to the source chain.
-+.Sp
-+VERY IMPORTANT: the source chain is applied to data COMING FROM source and NOT GOING TO
-+source. keep this in mind !! the same is for dest...
-+.TP
-+\fB\-c\fR, \fB\-\-check\fR
-+check if you were poisoned by other poisoners in the LAN
-+.TP
-+\fB\-t\fR, \fB\-\-linktype\fR
-+check if you are on a switched LAN or not... Sometimes this discovery method can fail.
-+don't trust it at 100%
-+
-+
-+.SH TARGET SPECIFICATION
-+The targets are parsed on command line in reverse order. The first host is the DEST and the
-+second is the SOURCE. this doesn't care if you are sniffing in ip based mode, because
-+source and dest are ignored, but if you are filtering the connection this is crucial for
-+the binding of the related filter chain.
-+.br
-+The reverse order is due to a more intuitive interface for plugins. because some plugins
-+need the dest host to be specified, it is simpler to type:
-+"ettercap -Np ooze victim" than "ettercap -Np ooze NOONE victim".
-+.br
-+The targets can be specified in dotted notation (192.168.0.1) or with their symbolic name
-+(victim.mynet.org). Only within the -H (--hosts) option you can use wildcards.
-+
-+
-+.SH INTERACTIVE MODE
-+The interactive mode (ncurses mode) is automatically selected if ettercap is launched
-+without the option -N . Explain what you can do with it will take pages and pages... and I'm
-+not a good writer... so if you don't know what can you do in some circumstances, simply
-+press 'H' and a help screen will popup. there you can find a detailed list of all available
-+commands.
-+
-+
-+.SH EXAMPLES
-+Here are some examples of using ettercap.
-+.TP
-+.B ettercap -b
-+.Sp
-+On startup use broadcast ping to scan the LAN instead of ARP request all the
-+subnet IPs.
-+.TP
-+.B ettercap -H "192.168.0.?,192.168.0.3?,192.168.0.2*"
-+.Sp
-+On startup scan only the host 192.168.0.1-9, 192.168.0.30-39, 192.168.0.2,
-+192.168.0.20-29 and 192.168.0.200-255.
-+if the PUBLICARP method will be selected only these host will be poisoned.
-+.TP
-+.B ettercap -s 192.168.0.1 192.168.0.2
-+.Sp
-+Enter the interactive mode and sniff only the connections between 192.168.0.1 and 192.168.0.2
-+.TP
-+.B ettercap -Nzs -F etter.filter 192.168.0.1 192.168.0.2
-+.Sp
-+Load filter from etter.filter and activate them on all the connection between 192.168.0.1
-+and 192.168.0.2 . Only Log action will be supported because it is a -s (ipsniffing) method.
-+192.168.0.1 is bound to the dest chain and 192.168.0.2 to the source one.
-+To enable even the replacement and drop actions you have to launch "ettercap -Nza -F
-+etter.filter IP IP MAC MAC"
-+.TP
-+.B ettercap -zs -e etter.conf
-+.Sp
-+Use the ip based sniffing mode and load the other option from the config file (etter.conf).
-+Note that options in the file override command line.
-+.TP
-+.B ettercap -Nzs victim.my.net ANY:80
-+.Sp
-+Sniffs in console mode (non interactive) only the connection to and from "victim.my.net"
-+starting or ending to all other hosts but on port 80 (www). data are dumped in ASCII
-+mode. to dump in HEX mode add the -x option.
-+.TP
-+.B ettercap -NRzs remote.host.net:23 my.local.host.com
-+.Sp
-+Useful to sniffs in console mode (non interactive) all the connection on a remote LAN
-+on which you are executing ettercap. this example will prevent to show your telnet (:23)
-+connection from "my.local.host.com" to "remote.host.net".
-+.TP
-+.B ettercap -Nclt
-+.Sp
-+This will provide you the entire list of hosts in the LAN. Will check if someone is
-+poisoning you and will report its IP. Will tell you if you are on a switched LAN or not.
-+.TP
-+.B ettercap -NCLzs --quiet
-+.Sp
-+This will detach ettercap from console and log to a file all the collected password.
-+Only works if the LAN is hubbed, or if collected password are directed to your host.
-+.TP
-+.B ettercap -NCza -D 100 192.168.0.1 192.168.0.2 55:23:A5:B4:C7:89 00:A3:56:FE:4F:6D
-+.Sp
-+Collect password to stdout on a switched LAN. this will poison the two host 192.168.0.1
-+and 192.168.0.2 each other. The delay between arp replies is set to 100 sec.
-+.TP
-+.B ettercap -Np triton
-+.Sp
-+Launch the plugin "triton" that will try to passively search for the LAN gateway.
-+.TP
-+.B ettercap -Np ooze victim.mynet.org
-+.Sp
-+Launch the plugin "ooze" that will portscan the host "victim.mynet.org" that will be translated
-+with the right IP
-+
-+.SH PLATFORMS
-+Linux 2.0.x 2.2.x 2.4.x
-+.br
-+FreeBSD 4.x
-+.br
-+OpenBSD 2.[789]
-+.br
-+NetBSD 1.5
-+.br
-+Mac OS X (darwin 1.3)
-+
-+
-+.SH FILES
-+/usr/share/ettercap/etter.conf - the config file
-+.br
-+/usr/share/ettercap/etter.filter - the filter chains
-+.br
-+/usr/share/ettercap/etter.ssl.crt - the SSL certificate for HTTPS m-i-t-m
-+.br
-+/usr/share/ettercap/mac-fingerprints - the network adapter vendor database
-+.br
-+/usr/share/ettercap/nmap-os-fingerprints - the nmap (c) Fyodor os fingerprint
-+.br
-+/usr/doc/ettercap-0.5.4/* - the DOCUMENTATION
-+
-+
-+.SH AUTHORS
-+Alberto Ornaghi (ALoR) <alor@users.sourceforge.net>
-+.br
-+Marco Valleri (NaGA) <crwm@freemail.it>
-+
-+
-+.SH AVAILABILITY
-+http://ettercap.sourceforge.net/download/
-+.Sp
-+Or if you want to do an automatic check of the latest version try "ettercap -vy"
-+
-+
-+.SH BUGS
-+Our software never has bugs.
-+.br
-+It just develops random features. ;)
-+.PP
-+.B KNOWN-BUGS
-+.PP
-+- It is better that you don't launch ettercap on a host that is a gateway
-+because it needs to disable ip_forwarding, it may cause problem with routing.
-+.PP
-+- You cannot use plugins on yourself. outgoing link layer packets are not
-+captured by the same socket, so they will be ignored.
-+.PP
-+- While poisoning on a switched LAN, ettercap won't sniff the traffic made
-+by your host to others. the technical reason is: otherwise ettercap will
-+forward your packets two time (and this is not good...) the artistic
-+reason is: why sniffing yourself with a man-in-the-middle method ? use
-+simple sniffing instead ! ;)
-+.PP
-+- While sniffing in Public ARP mode, ettercap can "view" only one way of
-+the connection, so some protocol dissectors can fail...
-+.PP
-+- under X11 resizing the xterm can give a corrupted visualization of the
-+interface. SIGWINCH is *partially* supported.
-+.PP
-+- ettercap doesn't handle fragmented packets... only the first segment
-+will be displayed by the sniffer. However all the fragments are correctly
-+forwarded.
-+.PP
-++ please send bug-report, patches or suggestions to <alor@users.sourceforge.net>
-+or visit http://ettercap.sourceforge.net/forum/ and post it in the BUGS section.
-+.PP
-++ to report a bug, recompile ettercap with 'configure --enable-debug'
-+and attach ettercap_debug.log to the mail in which U explain the problem.
-diff -uNr ettercap-0.6.4.orig/ettercap.spec ettercap-0.6.4/ettercap.spec
---- ettercap-0.6.4.orig/ettercap.spec Thu Jan 1 01:00:00 1970
-+++ ettercap-0.6.4/ettercap.spec Sat Feb 16 16:50:12 2002
-@@ -0,0 +1,40 @@
-+%define prefix /usr
-+
-+Summary: ettercap is a ncurses-based sniffer/interceptor utility
-+Name: ettercap
-+Version: 0.5.4
-+Release: 1
-+Serial: 20010906
-+Packager: ALoR <alor@users.sourceforge.net>
-+Source: http://ettercap.sourceforge.net/download/%{name}-%{version}.tar.gz
-+URL: http://ettercap.sourceforge.net/
-+License: GPL
-+Group: Networking/Utilities
-+Prefix: %{prefix}
-+Buildroot: %{_tmppath}/%{name}-%{version}-root
-+
-+%description
-+ettercap is a multipurpose sniffer/interceptor/logger for switched or "hubbed" LAN.
-+
-+%prep
-+%setup -q
-+
-+%build
-+./configure --prefix=%{prefix} --disable-debug --mandir=%{_mandir}
-+make
-+make plug-ins
-+
-+%install
-+rm -rf $RPM_BUILD_ROOT
-+make install DESTDIR=$RPM_BUILD_ROOT
-+make plug-ins_install DESTDIR=$RPM_BUILD_ROOT
-+
-+%clean
-+rm -rf $RPM_BUILD_ROOT
-+
-+%files
-+%defattr(-,root,root)
-+%{_mandir}/man8/*
-+%doc COPYING README README.PLUGINS HISTORY CHANGELOG AUTHORS TODO THANKS KNOWN-BUGS PORTINGS
-+%{prefix}/bin/*
-+%{prefix}/share/ettercap/*
projects / packages / ettercap6.git / commitdiff