raw sockets
Author
ok heres the thing... what is the best way (in windows or linux)
to access the raw ip header on a packet
i know u can create one with socket(AF_INET,SOCK_RAW,IPPROTO_RAW);
or something like that but how would u go about sending the data?
you cant really use sendto cause it wants a port in sockaddr and ip doesnt have a notion of ports
im thinking of maybe doing the following... would this work?
char packet[]="insert ip header and anything else in the packet here";
int sock=socket(AF_INET,SOCK_RAW,IPPROTO_RAW);
send(sock,packet,sizeof(packet),0);
for recv would u just do
recv(sock, buff, MAX_LEN,0); and would that give you the raw packet that was sent?
any help would be apreicated thanks
Few people will actually know how to use raw sockets. However, you might try searching the net for IP spoofing and e.g. landzone / teardrop attacks. Those all involve raw sockets in a way, and you''re likely to find example code that way.
cu,
Prefect
cu,
Prefect
Teardrop?!
Don''t go bothering about for hacks, probably uses non-standard methods to cause network problems, which is something you want to avoid. Raw Sockets are a legitimate concept.
On Linux, I did a ''man -K "raw socket"'' and found the following man page:
''man 7 raw''
It''ll give you a quick run down on raw sockets.
Hit google if you need a tutorial beyond that.
For Microsoft, I did a search on www.msdn.microsoft.com with "raw sockets" and found the following in the online Windows Socket SDK:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/winsock/wsanxref_8x02.asp
May I ask what''s the intent of using Raw Sockets? They have a bad rap on the internet as being a security issue. I''m not sure all versions of Windows suppor them (but XP does I believe). Also, if this is because you think you might save some network overhead by trimming the size of the header, you''ll end up making up for that bandwith with bigger packet sizes to handle the information needed to keep track of who sent what.
R.
Don''t go bothering about for hacks, probably uses non-standard methods to cause network problems, which is something you want to avoid. Raw Sockets are a legitimate concept.
On Linux, I did a ''man -K "raw socket"'' and found the following man page:
''man 7 raw''
It''ll give you a quick run down on raw sockets.
Hit google if you need a tutorial beyond that.
For Microsoft, I did a search on www.msdn.microsoft.com with "raw sockets" and found the following in the online Windows Socket SDK:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/winsock/wsanxref_8x02.asp
May I ask what''s the intent of using Raw Sockets? They have a bad rap on the internet as being a security issue. I''m not sure all versions of Windows suppor them (but XP does I believe). Also, if this is because you think you might save some network overhead by trimming the size of the header, you''ll end up making up for that bandwith with bigger packet sizes to handle the information needed to keep track of who sent what.
R.
Heh. Teardrop & co. are doing non-standard things to cause trouble, that's true. On the other hand, they're doing non-standard things to the _packets_, not to the API, e.g. setting source IP == destination IP on ICMP pings, which causes older OSs to crash (probably because they were ping flooding themselves or something).
Raw sockets are present in all Unices and in Win2k and WinXP. As stated before, you can't save bandwidth using raw sockets, but you won't waste bandwidth either. Generally, you can do a lot of Bad Things if you're not careful with raw sockets. On the other hand, raw sockets are necessary for programs as simple as ping (ever wondered why the ping program is installed as SUID root on Unix?).
Yes, Windows had ping before Win2k. I assume they built in some quirky hacks in order to allow sending ICMPs from user space.
BTW, this is the source for a "simple ping" which I just found on Google:
http://opensource.lineo.com/cgi-bin/cvsweb/netkit-tiny/ping.c?rev=1.2&content-type=text/x-cvsweb-markup&sortby=file
cu,
Prefect
Edited by - Prefect on December 13, 2001 10:34:59 AM
Raw sockets are present in all Unices and in Win2k and WinXP. As stated before, you can't save bandwidth using raw sockets, but you won't waste bandwidth either. Generally, you can do a lot of Bad Things if you're not careful with raw sockets. On the other hand, raw sockets are necessary for programs as simple as ping (ever wondered why the ping program is installed as SUID root on Unix?).
Yes, Windows had ping before Win2k. I assume they built in some quirky hacks in order to allow sending ICMPs from user space.
BTW, this is the source for a "simple ping" which I just found on Google:
http://opensource.lineo.com/cgi-bin/cvsweb/netkit-tiny/ping.c?rev=1.2&content-type=text/x-cvsweb-markup&sortby=file
cu,
Prefect
Edited by - Prefect on December 13, 2001 10:34:59 AM
I''m having trouble finding people with good reasons for using raw sockets. I understand ping, traceroute etc... but I highly doubt you''d gain anything by using raw sockets for a game libary, and there''s certainly a lot of room to screw something up.
Author
much thanks to all who replied Rube and Prefect thanks for the info
btw im not trying to attack anything i just enjoy knowledge on anything computer related (i.e. how ping works)
thanks folks
p.s. no im not trying to write a game w/ raw sockets
btw im not trying to attack anything i just enjoy knowledge on anything computer related (i.e. how ping works)
thanks folks
p.s. no im not trying to write a game w/ raw sockets
quote:Original post by JonStelly
I''m having trouble finding people with good reasons for using raw sockets. I understand ping, traceroute etc... but I highly doubt you''d gain anything by using raw sockets for a game libary, and there''s certainly a lot of room to screw something up.
I was thinking about writing my own socket api (a Socket Template Library) that was, shall we say, less chaotic than winsock and more efficient than bsd sockets (I want to take advantage of asyncronous IO). I figured it''d be cleanest to start using a raw socket, and build functionality from there, there-by minimizing my dependency on the antiquated socket APIs. And learn how the IP protocol really works in the process.
ipTransport|+-icmpSocket|+-udpTransport | +-tcpTransport | | | +-ftpSocket | | | +-httpSocket | +-rtpTransport | +-mpegSocket Implemented as a set of templates supporting binary streams (and text in the case of an ircSocket).
Magmai Kai Holmlor
"Oh, like you''ve never written buggy code" - Lee
"What I see is a system that _could do anything - but currently does nothing !" - Anonymous CEO
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
