Closed maximcherny closed 9 years ago
glennzw
commented
9 years ago Hi there,
Brilliant, thanks for doing this. Over the weekend at avery busy location I had a few thousand "unknown" devices - so it's about time I update that file. I created the mac_vendor.txt from the Wireshark list, but almost a year ago.
Also, great idea on the auto-repopulation. Added to ToDo.txt.
Thanks for the feedback, G
maximcherny
commented
9 years ago No worries, thanks for merging. Also, the number of unknown devices may in part be related to the absence of FCS check in scapy, as some mangled MACs and SSIDs come through every now and then.
If the auto-repopulation is a go, I might get another request in to add this as a cmd argument.
A quick comparison against the most recent Wirehsark OUI lookup file reveals the potential to add > 1000 additional entries to the mac_vendor.txt lookup file.
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob_plain;f=manuf;hb=HEAD
While the origin of the mac_vendor.txt is not known to me, I assume it is based on a similar source (e.g. Wirehsark manuf file, IEEE OUI file or another derivative).
Using the Wirehsark manuf file is suggested as the basis as it incorporates data from multiple source and provides the short / long vendor names, as expected by the existing implementation.
The following features could be useful:
This should minimise the potential shortcomings around being able to recognise vendors for recently manufactured devices.