Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw

RE: Simple Construction of a RAW TCP/IP Packet.

by brick (Sexton)
on Jun 14, 2000 at 05:04 UTC ( #18016=note: print w/replies, xml ) Need Help??

in reply to Simple Construction of a RAW TCP/IP Packet.

I wonder if this could be combined with some of the portscanner bits that have been posted then you could make an adjustable packet size autoscanning sort of thing to create signatures for a log munger-- something that looked for that kind of traffic and then noted it? Hrmmmm. Kind of building a tool to build a tool, but... -brick.
  • Comment on RE: Simple Construction of a RAW TCP/IP Packet.

Replies are listed 'Best First'.
RE: RE: Simple Construction of a RAW TCP/IP Packet.
by cleen (Pilgrim) on Jun 14, 2000 at 06:55 UTC
    Definatly, and I have done a simple port scanner with this, with options found much like in the Nmap scanner, IE fin scans (set your fin bit to 1 in the code, and the syn bit to 0) and look for ACK/RST for closed ports. Having the ability to construct the headers the way you want has infinate uses, at least in my mind.
Re^2: Simple Construction of a RAW TCP/IP Packet.
by Anonymous Monk on Sep 09, 2004 at 01:31 UTC
    Hey, have you finished that raw icmp paper? I'm coding, and I can't any thing that gives me the info on the type, code, chksum, identifier and seq # and how to pack them, icmp style. I def. want to check that out. You did a great job on the last one. Anyways, let me know. thanks!

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://18016]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others perusing the Monastery: (6)
As of 2018-07-21 15:49 GMT
Find Nodes?
    Voting Booth?
    It has been suggested to rename Perl 6 in order to boost its marketing potential. Which name would you prefer?

    Results (449 votes). Check out past polls.