# ex: set tabstop=8 textwidth=78:


IN A NUTSHELL
=============================================================================

lanmap takes input in the form of network traffic from one or more NICs and
outputs a graphical representation of the network in the form of a graphviz
input file, then it runs graphviz and puts the resulting image/svg file in the
graph/ directory

network -> lanmap -> graphviz -> image/svg viewer


Note that lanmap is completely passive and does not scan or send any network
traffic whatsoever. This means that you'll only get "regular" traffic from any
machines on your side of a switch, but you'll still get broadcast traffic.


FEEDBACK
=============================================================================

If you use lanmap I'd love to hear about it. Send feedback to
pizza@parseerror.com. I'd like to know what did and didn't work for you.  I'd
also love to see the resulting maps, as I have only a limited network to test
on. Also, any packet dumps from known operating systems and devices, or any
grepped 'no match' signature lines would be most appreciated!


OPERATING SYSTEM DETECTION
=============================================================================

lanmap uses fingerprints from TCP SYN packets, PINGs/PONGs and DHCP to
try to figure out which operating system is on the other end. All signatures
are (frighteningly) in facts.c; I'd like to move them out to an external ASCII
datafile so they could be updated without recompilation, but it won't be an
easy task.

If you have any dumps of packets sent from known operating systems please
send them to pizza@parseerror.com; any feedback or contribution is appreciated


PLATFORMS
=============================================================================

lanmap is designed to be portable, it should work on any *NIX/Windows on
which libpcap works, or be possible to make it so with as little insanity
as possible.

OS	Arch	Ver	Status
-----------------------------------------------------------------------------
Linux	x86	HEAD	Works, main development platform
Linux	x86-64	HEAD	Works, test env
WinXP	x86	HEAD	Works, test env
OS X	PPC	?	Worked at one point, currently unknown
FreeBSD	?	?	?
OpenBSD	?	?	?
NetBSD	?	?	?



