From 8bbaa0c91ce6600b9deecc475fc534cacdc5d121 Mon Sep 17 00:00:00 2001
From: fyodor <fyodor@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Mon, 9 Jul 2012 22:53:41 +0000
Subject: [PATCH] Add a task to add a --disable-arp-ping option so that Nmap
 can better handle proxy arp situations

---
 todo/nmap.txt | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/todo/nmap.txt b/todo/nmap.txt
index 7f261df96..3104af7d8 100644
--- a/todo/nmap.txt
+++ b/todo/nmap.txt
@@ -1,5 +1,16 @@
 TODO $Id: TODO 11866 2009-01-24 23:10:05Z fyodor $ -*-text-*-
 
+o Add a function such as --disable-arp-ping which prevents hosts from
+  being automatically detected as 'up' just because they responded to
+  ARP.  Instead, Nmap will actually send the requested host discovery
+  probes (ICMP ping packets, SYN packets, etc.) and only mark the host
+  as up if it responds on an IP level.  This is how machines are
+  already treated if they're not on the local network (e.g. if ARP
+  discovery is unavailable).  This technique is a bit slower and more
+  likely to miss hosts (e.g. if they're heavily firewalled) than ARP
+  discovery, but the option is needed to handle local networks which use
+  proxy ARP, which would otherwise cause all IPs to appear to be up.
+
 o We should add fields to the service submitter [James is working on this]
   (http://insecure.org/cgi-bin/submit.cgi?new-service) for the
   application name and version.