arirang v1.6  - Powerful Webserver Security Scanner
------------

what is the 'arirang' ?
arirang - korean word.
          it's a korea's tradition folk song

'a~ri~rang a~ri~rang a ra ri yo. arirang ~~~~~~~~~~    '

from south korea.

------------
arirang can help network administrators find security vulnerabilities in
their web servers.

arirang different most cgi scanner(whisker,cgichk,...)

This program was originally written under OpenBSD

I wrote these tools with honest intentions to audit my own webserver and our network. 
Please do not abuse this software. 

notice: i tested a Makefile on OpenBSD,FreeBSD,NetBSD

install on Solaris,other Unix users:
	gcc -lsocket -lxnet -o arirang arirang.c rule.c screen.c osfinger.c grabhead.c

if you want to make a file(arirang scan result), try a script(1)
such as
csh) script arirang.out
	 then run a arirang 

this version doesn't include recent www bugs(except Apache chunk bug) 
because i haven't many time. so sometimes write a code. sorry :-<

--
changed 1.6

supported automatic wide ip range scan(fast xx times than 1.6beta version)
supported scan time
fixed broadcast bug
fixed osfinger check
a few bug fixed
supported check recent apache chunk bug scanrule/apache.uxe
moved arirang scan rule files into scanrule directory
fixed gcc -Wall compile option

changed 1.6beta
supported recv msg flags (fixed .ida buffer overflow check)

-- 
pilot <pilot@monkey.org>
http://www.monkey.org/~pilot
