Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic

Re^2: udp recv question

by smackdab (Pilgrim)
on Jun 28, 2004 at 01:46 UTC ( #370075=note: print w/replies, xml ) Need Help??

in reply to Re: udp recv question
in thread udp recv question

Thanks, NetPacket::ICMP looks great and I know I will need to decode the ICMP packet once I can figure out how to recv() it...

My question is a UDP->ICMP question.

I am sending out a UDP packet, which in the examples I have seen is valid and my example works correctly (when viewed from a sniffer type product).

When a UDP port isn't available on the remote machine a ICMP unreachable packet is sent back.

I can't figure out how to "read" that packet...and that is my question.

Replies are listed 'Best First'.
Re^3: udp recv question
by tachyon (Chancellor) on Jun 28, 2004 at 02:50 UTC

    You really don't want to code this yourself. Here is a trivial example for interest sake only. It shows you how to build a packet (and its checksum) and that you do get data back which as you can see it is encoded in a binary packet format.

    use IO::Socket; use constant ICMP_ECHO => 8; use constant SUBCODE => 0; # No ICMP subcode for ECHO and ECHOR +EPLY use constant ICMP_STRUCT => "C2 n3 A64"; my $icmp = IO::Socket::INET->new( PeerAddr => '', Proto=>'icmp' ); print "Got socket\n"; my $data = '1'x64; my $seq = 1; my $checksum = 0; my $msg = pack(ICMP_STRUCT, ICMP_ECHO, SUBCODE, $checksum, $$, $seq, $ +data); $checksum = checksum($msg); my $msg = pack(ICMP_STRUCT, ICMP_ECHO, SUBCODE, $checksum, $$, $seq, $ +data); print "Sending: $msg\n"; $icmp->send($msg); $icmp->recv(my $buf, 1500); print "Got: $buf"; print "Done\n"; sub checksum { my ($msg ) = @_; my $len_msg = length($msg); my $num_short = int($len_msg / 2); my $chk = 0; for my $short (unpack("n$num_short", $msg)) { $chk += $short; } $chk += (unpack("C", substr($msg, $len_msg - 1, 1)) << 8) if $len_ms +g % 2; $chk = ($chk >> 16) + ($chk & 0xffff); return(~(($chk >> 16) + $chk) & 0xffff); }




      I can also be quite dense on some of these matters...but:
      I am NOT trying to SEND an ICMP packet.
      I AM trying to see if a remote UDP port is "open"
      My assumption has been to send a UDP packet out
      and if the port is CLOSED, then I get a ICMP error msg back
      Otherwise I know the remote port is OPEN...

      The code above sends an UDP packet out and an ICMP error msg is sent back. But I DON'T know how to grab it. I tried reading on the UDP and ICMP sockets but neither *seem* to have it.

      Are you saying that I need to send an ICMP packet out???

      Again, sorry if I am missing something completely obvious ;-)

        You need to read up on port scanning. UDP is connectionless ie you can't see if a port is open by seeing if you can connect a socket to it, you have to send some data and check for a response.

        Port scanning usually means scanning for TCP ports, which are connection-oriented and therefore give good feedback to the attacker. UDP, or connection-less traffic, responds in a different manner. In order to find UDP ports, the attacker generally sends empty UDP datagrams at the port. If the port is listening, the service will send back an error message or ignore the incoming datagram. If the port is closed, then the operating system sends back an "ICMP Port Unreachable" message.

        Note that UDP packets may be dropped by all manner of devices along the way (so you get no response). The response, if it is coming, will arrive on the socket you sent the probe out on as shown. You have to send some sort of valid(ish) UDP packet to incite a response from the server.

        NetworkInfo::Discovery::Scan does what you want and you can pull code from there.



        Yes, he is telling you that.

        Taken from the RFC 768

        The UDP protocol provides a procedure for application programs to send messages to other programs with a minimum of protocol mechanism. The protocol is transaction oriented, and delivery and duplicate protection are not guaranteed. Applications requiring ordered reliable delivery of streams of data should use the Transmission Control Protocol (TCP).

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://370075]
[marto]: yeah, so our hackerspace, we run mailman. that's a public discussion list, not a weekly buy our crap marketing list, people can unsubscribe at any time. What they can't do is delete their mails from the archive, or from the inboxes of our hundreds of user
[Corion]: marto: I'm not sure on how to treat mail archives. I think you could either set an auto-deletion timespan or an auto-anonymisation timespan if you wanted to do it right.
[Corion]: For PM, I think we'll create a user "gdpr", who gets assigned the nodes of users who want to give up their user status here.

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (7)
As of 2018-05-22 08:26 GMT
Find Nodes?
    Voting Booth?