Vulnerability Development mailing list archives

Re: help: raw_ip socket and system implication


From: Izik <izik () tty64 org>
Date: Wed, 21 Nov 2001 02:50:06 +0200

Hello

The core of your problem is the idea that your kernel isn't aware of your actions; therefore it reacts this way. As part of my job I came across that problem when I tried to build a small TCP/IP stack for Linux.

Once you send a SYN packet (using raw sockets, I guess?), this action goes below the kernel's supervision
and basically isn't logged in the kernel's inner TCP/IP stack ...

After the other side has received your packet, it generates an answer packet (SYN|ACK).
So far it's all good, but ...

Once the packet arrives at your machine, the kernel picks it up and then drops it (by RST flag),
because it didn't find that connection in any of its records.

Just as you have raw sockets to send packets without the kernel getting in the way, you also need the opposite mate, and that's called "DIVERT". "DIVERT" is a method to pick up packets using a firewall (e.g. ipchains or iptables) without the kernel getting in the way. It involves a kernel patch and ipchains (or iptables) as well.

To download and learn more, go to: http://www.anr.mcnc.org/~divert/index.shtml

Good luck with your project.

izik @ http://www.tty64.org
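
Added example (not part of the original message): a small C model of the behaviour described above, where a SYN|ACK arrives for a connection the kernel has no record of and is answered with a RST built by the RFC 793 reset rules. The struct layouts, function names and sample addresses are assumptions made for illustration, not Linux kernel code.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

enum { TH_FIN = 0x01, TH_SYN = 0x02, TH_RST = 0x04, TH_ACK = 0x10 };

struct seg  { uint32_t saddr, daddr; uint16_t sport, dport; uint32_t seq, ack; uint8_t flags; uint16_t len; };
struct conn { uint32_t laddr, raddr; uint16_t lport, rport; };

/* Does the kernel's own TCP stack have a record for this 4-tuple?
 * A SYN written through a raw socket never creates one. */
static int known(const struct conn *t, size_t n, const struct seg *in)
{
    for (size_t i = 0; i < n; i++)
        if (t[i].laddr == in->daddr && t[i].lport == in->dport &&
            t[i].raddr == in->saddr && t[i].rport == in->sport)
            return 1;
    return 0;
}

/* Input path for a segment with no matching connection (RFC 793 reset
 * generation). Returns 1 and fills *rst if a reset is sent. */
int kernel_input(const struct conn *t, size_t n, const struct seg *in, struct seg *rst)
{
    if (known(t, n, in) || (in->flags & TH_RST))
        return 0;                 /* delivered to a socket, or a RST: never answered */
    rst->saddr = in->daddr; rst->daddr = in->saddr;
    rst->sport = in->dport; rst->dport = in->sport;
    rst->len = 0;
    if (in->flags & TH_ACK) {     /* e.g. the SYN|ACK from the remote side */
        rst->seq = in->ack; rst->ack = 0; rst->flags = TH_RST;
    } else {
        rst->seq = 0; rst->flags = TH_RST | TH_ACK;
        rst->ack = in->seq + in->len + !!(in->flags & TH_SYN) + !!(in->flags & TH_FIN);
    }
    return 1;
}

/* Constructed sample: SYN|ACK (seq 5000, ack 1001) answering a raw-socket SYN with ISN 1000. */
static const struct seg synack = { 0xC000020A, 0xC6336405, 80, 40000, 5000, 1001, TH_SYN | TH_ACK, 0 };
static const struct conn owned = { 0xC6336405, 0xC000020A, 40000, 80 };

/* Returns the sequence number of the RST sent for the sample, or -1 if none is sent. */
long demo(const struct conn *t, size_t n)
{
    struct seg r;
    return kernel_input(t, n, &synack, &r) ? (long)r.seq : -1;
}

int main(void)
{
    printf("no kernel record:  RST seq = %ld\n", demo(NULL, 0));
    printf("connection known:  result  = %ld (no RST)\n", demo(&owned, 1));
    return 0;
}
```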