Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?

RE: Simple Construction of a RAW TCP/IP Packet.

by brick (Sexton)
on Jun 14, 2000 at 05:04 UTC ( #18016=note: print w/replies, xml ) Need Help??

in reply to Simple Construction of a RAW TCP/IP Packet.

I wonder if this could be combined with some of the portscanner bits that have been posted then you could make an adjustable packet size autoscanning sort of thing to create signatures for a log munger-- something that looked for that kind of traffic and then noted it? Hrmmmm. Kind of building a tool to build a tool, but... -brick.
  • Comment on RE: Simple Construction of a RAW TCP/IP Packet.

Replies are listed 'Best First'.
RE: RE: Simple Construction of a RAW TCP/IP Packet.
by cleen (Pilgrim) on Jun 14, 2000 at 06:55 UTC
    Definatly, and I have done a simple port scanner with this, with options found much like in the Nmap scanner, IE fin scans (set your fin bit to 1 in the code, and the syn bit to 0) and look for ACK/RST for closed ports. Having the ability to construct the headers the way you want has infinate uses, at least in my mind.
Re^2: Simple Construction of a RAW TCP/IP Packet.
by Anonymous Monk on Sep 09, 2004 at 01:31 UTC
    Hey, have you finished that raw icmp paper? I'm coding, and I can't any thing that gives me the info on the type, code, chksum, identifier and seq # and how to pack them, icmp style. I def. want to check that out. You did a great job on the last one. Anyways, let me know. thanks!

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://18016]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (9)
As of 2016-10-26 07:11 GMT
Find Nodes?
    Voting Booth?
    How many different varieties (color, size, etc) of socks do you have in your sock drawer?

    Results (336 votes). Check out past polls.