Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Look up keyword
Like this
0 of .
Results for:
No results containing your search query
P. 1
Raw Sockets

Raw Sockets

Ratings: (0)|Views: 372 |Likes:
Published by manjunathbhatt
Raw sockets
Raw sockets

More info:

Published by: manjunathbhatt on Mar 13, 2010
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





Raw Sockets
Why raw sockets? 
Till now we only receive frames destined to us (Unicast), everyone (Broadcast), and to a group thatwe have subscribe to (Multicast).We are only to receive only data because all the Headers i.e. Ethernet, IP, TCP etc are stripped bythe network stack.We can't modify or create a header for a packet when we send the packet.
Raw Socket 
is the answer to the above short comes.With raw sockets we can get all the headers i.e. Ethernet, TCP, IP etc from the network and we canalso inject packets with custom headers and data into the network directly
Promiscuous Mode
We tells the network driver to accept all packets irrespective of whom the packets are addressed toi.e. “See All, Hear All” Wizard modeE.g. Used for Network MonitoringInterface can be set to promiscuous mode
Programmatically by setting the IFF_PROMISC flag or
Using the ifconfig utility i.e. ifconfig eth0 promiscWith Raw Sockets we can bypass the network stack.
Raw Socket Creation 
The socket function creates a raw socket when the first argument is AF_INET/PF_INET, the secondargument is SOCK_RAW. The third argument (the protocol) is normally nonzero.
socket(PF_INET, SOCK_RAW, int protocol); 
In this case A raw socket receives or sends the raw datagram not including link level headers.(or)The socket function can also create a raw socket when the first argument isAF_PACKET/PF_PACKET, the second argument is SOCK_RAW. The third argument is the protocol.socket(PF_PACKET, SOCK_RAW, int protocol)protocol is ETH_P_IP for IP networks. It is mostly used as a filter. To receive all types of packetsETH_P_IP is used.In this case A raw socket receives or sends packet at layer 2 of the OSI i.e. Device driver
The Ethernet Header 
Defined in linux/if_ether.h

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->