Is The Oz Libpcap Broken?, Many network tools seem to be broken
post Aug 29 2006, 05:56 PM
So, here I am, trying to get anything from ettercap-ng to tcpdump working. Tried the libpcap in the feed, no luck. Built libpcap and related packages from source on the Z (C1k), still no luck. When I build ettercap-ng from the source, it doesn't run properly. TCPdump can't sniff promisc. regardless of whether I use the libpcap from the feed, or my own build. (I have a fairly robust native build environment on the Z-- at least I hope) The ettercap from the feed is also fairly useless when it comes to actually sniffing. This problem occurs regardless of whether I'm using my wifi card (prism2.5, hostap) or USB ethernet adapter (asix). Manually running ifconfig <interface> promisc has no noticeable effect either.

I was hoping to equip this Z as an all-out network audit toolkit (nmap, tcpdump, aircrack, void11, kismet, ettercap-ng, metasploit, nessus, dsniff, tcpick, ethereal, etc.) but at this point I can't even get the basics running.

Am I an idiot or is there something up here-- I'm not new to Linux, (or other *NIX-like OSes) but I haven't looked too far into these tools before, so maybe I'm pointing fingers at the wrong library...

Anyone have ideas?
(could this be an issue with libnet? I've tried the feed version and my own builds as well)



UPDATE: tcpdump seems to work correctly now [just tested it with the wifi, is it possible the asix drivers still won't do promiscuious-- I haven't tested it yet], but ettercap from the feed is still 95% ineffective, as is the version I built. I guess this means the problem lies in a different library... I'm just confused now wink.gif
