Jump to content

The Arp Watcher


Ibrahim
 Share

Recommended Posts

This is a simple script watching Arp caches,some would say and ip mac address in my cache is nothing to concern i would say that if this cache persist more than one time in this watcher with 5 seconds interval without any connection from me then it CONCERNS except for that it's good to watch announcements for new network clients. hope u like it

new edit 6-10-2007

#include <Process.au3>
ProcessClose("doscan.exe")
TrayTip("Intruder Detector","Program By: Ibrahim Ghorabah",2)
Do
$rc = _RunDos("arp -a >c:\ArpList.bin")
$Size=FileGetSize("c:\ArpList.bin")
$intruder=FileRead("c:\ArpList.bin")
if $Size>143 then 
    TrayTip("Network Watcher","Life Connection From"&$intruder,4,2)
    FileWrite("c:\intruderList.txt",@HOUR&":"&@MIN&"--<Connection From:-"&$intruder)
    FileDelete("c:\ArpList.bin")
    SoundPlay(@WindowsDir&"\media\notify.wav")
    for $n=1 to 5
    TraySetIcon("Off.ico")
    sleep (300)
    TraySetIcon("On.ico")
    sleep (300)
    next 
    
_RunDos("arp -d")
EndIf
TraySetIcon("On.ico")
    Sleep(5000)
    
Until $rc=1

maybe u should increase the file size in the if thing a little so that it wont bug u with the mac address of the router every time

added

sound notify

and icon flashing thing(make sure u but the two icons in side with the script file)

----|>Silly but Nice i guess

Intruder.au3

post-22904-1190771922_thumb.jpg

Off.ico

On.ico

Edited by Ibrahim
Link to comment
Share on other sites

  • 2 weeks later...

try to use any type of connection between two computers and see how the program acts even file sharing

and like i said it's now about the output it's about the pattern

Link to comment
Share on other sites

I went down a different route with it. Now it has a nice tray menu system. Let me know what you think

#include <Process.au3>
#Include <Constants.au3>
#NoTrayIcon
Dim $menu[20]
Dim $ping[20]
Dim $open[20]
Dim $trace[20]
Opt("TrayMenuMode",1)
TraySetIcon("On.ico")
$space = 0
$exititem = TrayCreateItem("Exit")
$Size = 0
TraySetState()
AdlibEnable("getarp", 5000)
getarp()
While 1
    $msg = TrayGetMsg()
    Select
        Case $msg = 0
            ContinueLoop
        Case $msg = $exititem
            ExitLoop
    EndSelect
    For $i = 4 To 19
        If $msg = $ping[$i] Then
            _RunDos("ping -w 50 " & TrayItemGetText($menu[$i]) & ">c:\ping.bin")
            MsgBox(0, "Arp", FileRead("c:\ping.bin"))
        EndIf
        If $msg = $open[$i] Then
            _RunDos("start http://" & TrayItemGetText($menu[$i]))
        EndIf
        If $msg = $trace[$i] Then
            _RunDos("tracert " & TrayItemGetText($menu[$i]) & ">c:\trace.bin")
            MsgBox(0, "Arp", FileRead("c:\trace.bin"))
        EndIf
    Next
    Sleep(10)
WEnd
Exit

Func getarp()
    _RunDos("arp -a>C:\arp.txt")
    $newSize = FileGetSize("c:\arp.txt")
    If $newSize <> $Size then
        $Size = FileGetSize("c:\arp.txt")
        For $i = 4 To 19
            TrayItemDelete ( $menu[$i] )
        Next
        $i = 4
        TrayItemDelete ( $exititem )
        TrayItemDelete ( $space )
        While 1
            $line = FileReadLine( "C:\arp.txt", $i )
            If @error Then ExitLoop
            $line = StringStripWS ( $line, 4 )
            $string = StringSplit( $line, " " )
            If $string[0] = 5 Then
                $menu[$i] = TrayCreateMenu( $string[2] )
                $ping[$i] = TrayCreateItem( "Ping", $menu[$i] )
                $trace[$i] = TrayCreateItem( "Tracert", $menu[$i] )
                $open[$i] = TrayCreateItem( "Open in Browser", $menu[$i] )
                TrayCreateItem( "", $menu[$i] )
                TrayCreateItem( $string[4], $menu[$i] )
                TrayItemSetState ( -1, $TRAY_DISABLE )
                TrayCreateItem( $string[3], $menu[$i] )
                TrayItemSetState ( -1, $TRAY_DISABLE )
            EndIf
            ConsoleWrite($line&@CRLF)
            $i = $i + 1
        WEnd
        $space = TrayCreateItem( "" )
        $exititem = TrayCreateItem("Exit")
        For $n = 1 to 5
            TraySetIcon("Off.ico")
            Sleep (300)
            TraySetIcon("On.ico")
            Sleep (300)
        Next
    EndIf
    _RunDos("arp -d")
EndFunc
Check out ConsultingJoe.com
Link to comment
Share on other sites

before i read it more effenciently i liked the File size thing it's cool and helps exclude computer to computer variation

Link to comment
Share on other sites

first of all that's more professional than what i did i added some things,hope u don't hate it remember to customize your gateway address

#include <Process.au3>
#Include <Constants.au3>
#NoTrayIcon
_RunDos("arp -d")
_RunDos("arp -a>C:\arp.txt")
Dim $menu[20]
Dim $ping[20]
Dim $open[20]
Dim $trace[20]
dim $line
Opt("TrayMenuMode",1)
TraySetIcon("On.ico")
$space = 0
$exititem = TrayCreateItem("Exit")
$Size = FileGetSize("c:\arp.txt")
$myRouter=" 10.0.0.138 00-0e-50-bd-c8-72 dynamic "
TraySetState()
AdlibEnable("getarp", 5000)
getarp()
While 1
    $msg = TrayGetMsg()
    Select
        Case $msg = 0
            ContinueLoop
        Case $msg = $exititem
            ExitLoop
    EndSelect
    For $i = 4 To 19
        If $msg = $ping[$i] Then
            _RunDos("ping -w 50 " & TrayItemGetText($menu[$i]) & ">c:\ping.bin")
            MsgBox(0, "Arp", FileRead("c:\ping.bin"))
        EndIf
        If $msg = $open[$i] Then
            _RunDos("start http://" & TrayItemGetText($menu[$i]))
        EndIf
        If $msg = $trace[$i] Then
            _RunDos("tracert " & TrayItemGetText($menu[$i]) & ">c:\trace.bin")
            MsgBox(0, "Arp", FileRead("c:\trace.bin"))
        EndIf
    Next
    Sleep(10)
WEnd
Exit

Func getarp()
    _RunDos("arp -a>C:\arp.txt")
    $intruder=FileRead("c:\arp.txt")
    StringTrimLeft ( $intruder,34)

    StringReplace($intruder,"Interface"," ")

    $newSize = FileGetSize("c:\arp.txt")
    If $newSize > $Size then
        SoundPlay(@WindowsDir&"\media\notify.wav")
        
        For $i = 4 To 19
            TrayItemDelete ( $menu[$i] )
        Next
        $i = 4
        TrayItemDelete ( $exititem )
        TrayItemDelete ( $space )
        While 1
            $line = FileReadLine( "C:\arp.txt", $i )
            If @error Then ExitLoop
            $line = StringStripWS ( $line, 4 )
            $string = StringSplit( $line, " " )
            If $string[0] = 5 Then
                $menu[$i] = TrayCreateMenu( $string[2] )
                $ping[$i] = TrayCreateItem( "Ping", $menu[$i] )
                $trace[$i] = TrayCreateItem( "Tracert", $menu[$i] )
                $open[$i] = TrayCreateItem( "Open in Browser", $menu[$i] )
                TrayCreateItem( "", $menu[$i] )
                TrayCreateItem( $string[4], $menu[$i] )
                TrayItemSetState ( -1, $TRAY_DISABLE )
                TrayCreateItem( $string[3], $menu[$i] )
                TrayItemSetState ( -1, $TRAY_DISABLE )
            EndIf
     if $line<>$myRouter then
        ConsoleWrite($line&@CRLF)
        TrayTip("Connections",$line,5)
        sleep(1000)
        _RunDos("arp -d")
        
        EndIf
        
            $i = $i + 1
            
        WEnd
        $space = TrayCreateItem( "" )
        $exititem = TrayCreateItem("Exit")
        For $n = 1 to 5
            TraySetIcon("Off.ico")
            Sleep (300)
            TraySetIcon("On.ico")
            Sleep (300)
        Next
        _RunDos("arp -d")
    
    EndIf
    $line=""
EndFunc

hope u don't hate it

Link to comment
Share on other sites

I did Enable/Disable sound and pop up menu item hope u like it and a computer identifications of my own based on mac address of the computer,Hope it's a progress and u like it !

#include <Process.au3>
#Include <Constants.au3>
#NoTrayIcon
_RunDos("arp -d")
_RunDos("arp -a>C:\arp.txt")
Dim $menu[255]
Dim $ping[255]
Dim $open[255]
Dim $trace[255]
dim $EPopup
dim $ESound
dim $line
dim $Ds=0
dim $dp=0
Opt("TrayMenuMode",1)
TraySetIcon("On.ico")
$space = 0
$exititem = TrayCreateItem("Exit")
$DPopup = TrayCreateItem("Disable Poping")
$DSound = TrayCreateItem("Disable Sound")

$Size = FileGetSize("c:\arp.txt")
$myRouter=" 10.0.0.138 00-0e-50-bd-c8-72 dynamic "
TraySetState()
AdlibEnable("getarp", 5000)
getarp()
While 1
    $msg = TrayGetMsg()
    Select
        Case $msg = 0
            ContinueLoop
        Case $msg = $exititem
              ExitLoop
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;disable Eable menu              
Case $msg = $DPopup and $Dp=0 
                TrayItemSetText($DPopup,"Enable Popup")
                $dp=1
    
Case $msg = $DPopup and $Dp=1 
    TrayItemSetText($DPopup,"Disable Popup")
    $dp=0
    
Case $msg = $DSound and $ds=0
          TrayItemSetText($DSound,"Enable Sound")
            $Ds=1
    
Case $msg = $DSound and $ds=1
            TrayItemSetText($DSound,"Disable Sound")
            $Ds=0
        ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
            
EndSelect
    For $i = 4 To 19
        If $msg = $ping[$i] Then
            _RunDos("ping -w 50 " & TrayItemGetText($menu[$i]) & ">c:\ping.bin")
            MsgBox(0, "Arp", FileRead("c:\ping.bin"))
        EndIf
        If $msg = $open[$i] Then
            
            ShellExecute("\\" & TrayItemGetText($menu[$i]))
        EndIf
        If $msg = $trace[$i] Then
            run("telnet " & TrayItemGetText($menu[$i]))
         EndIf
    Next
    Sleep(10)
WEnd
Exit

Func getarp()
    _RunDos("arp -a>C:\arp.txt")
    $intruder=FileRead("c:\arp.txt")
    StringTrimLeft ( $intruder,34)

    StringReplace($intruder,"Interface"," ")

    $newSize = FileGetSize("c:\arp.txt")
    If $newSize > $Size then
        if $Ds=0 then SoundPlay(@WindowsDir&"\media\CLICK-SLIDE1.WAV")
        
        For $i = 4 To 19
            TrayItemDelete ( $menu[$i] )
        Next
        $i = 4
        TrayItemDelete ( $exititem )
        TrayItemDelete ( $space )
        While 1
            
            $line = FileReadLine( "C:\arp.txt", $i )
            If @error Then ExitLoop
            $line = StringStripWS ( $line, 4 )
            $string = StringSplit( $line, " " )
            If $string[0] = 5 Then
                $menu[$i] = TrayCreateMenu( $string[2] )
                $ping[$i] = TrayCreateItem( "Ping", $menu[$i] )
                $trace[$i] = TrayCreateItem( "telnet", $menu[$i] )
                $open[$i] = TrayCreateItem( "Open in Browser", $menu[$i] )
                TrayCreateItem( "", $menu[$i] )
                TrayCreateItem( $string[4], $menu[$i] )
                TrayItemSetState ( -1, $TRAY_DISABLE )
                TrayCreateItem( $string[3], $menu[$i] )
                TrayItemSetState ( -1, $TRAY_DISABLE )
            EndIf
     if $line<>$myRouter then
        ConsoleWrite($line&@CRLF)
        $line=StringTrimRight ( $line, 9)
    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;comuter identification
        $line=StringReplace($line,"00-19-21-4b-75-83","----->عمو علاء",1,2)
        $line=StringReplace($line,"00-19-21-4b-4d-39","----->عمو عاصم",1,2)
        $line=StringReplace($line,"00-01-03-d1-0e-3b","-----> بتاع اسطوانة الشبكات والحركات"&" 19",1,2)
        $line=StringReplace($line,"00-17-31-50-51-35","----->Bebo 2")
        $line=StringReplace($line,"00-15-58-1f-81-06","----->Bebo 1")
        $line=StringReplace($line,"00-15-f2-be-43-55","----->Bebo 3")
        $line=StringReplace($line,"00-a1-b0-a3-20-a1","----->25")
        $line=StringReplace($line,"00-16-e6-3b-7a-81","----->26")
        $line=StringReplace($line,"00-a1-b0-a1-9c-23","----->27")
        $line=StringReplace($line,"00-15-58-57-a8-09","----->30")
        $line=StringReplace($line,"00-e0-20-51-71-2f","----->جهاز عمو علاء القديم")
        $line=StringReplace($line,"00-13-d3-e8-b4-f2","----->22 إللي علطووول سبوووووووفينج")
        $line=StringReplace($line,"00-40-63-c7-6d-a2","----->38 حبيب الملايين")
        $line=StringReplace($line,"00-00-00-00-00-00","Offline")
    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
        if $Dp=0 Then TrayTip("Connections",$line,5,1)
        sleep(1000)
        _RunDos("arp -d")
        
        EndIf
        
            $i = $i + 1
            
        WEnd
        $space = TrayCreateItem( "" )
        $exititem = TrayCreateItem("Exit")
        For $n = 1 to 5
            TraySetIcon("Off.ico")
            Sleep (300)
            TraySetIcon("On.ico")
            Sleep (300)
        Next
        _RunDos("arp -d")
    
    EndIf
    $line=""
EndFunc
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...