Re: Error in send, while using IP_HDRINCL

Hi!

"sudesh Sawant" <sudesh Sawant@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:61BAECDA-04A1-412D-8B1F-860B162336FC@xxxxxxxxxxxxxxxx
> We are facing problems in sending and receiving
> data on raw socket. We can't receive data through raw sockets on win 2k
> Advanced Servermachine's (We found it documented on MS site.
> http://support.microsoft.com/?kbid=890856 We could not obtain a update for
> it.). We also can't send data through raw socket with header included
> option
> 'on' on win xp machines having service pack2.

The only way to contact local MS( it's representative ) to receive the
update

> Weird problem is, we can send data through raw sockets with header
> included
> option
> 'on' on win xp machines having service pack 1, but we can't receive data
> through raw sockets.
> Also sending data through raw sockets with header included option 'on' is
> possible on win 2k machines. We are able to send data if header included
> option is switched 'off' on win xp sp2 machines. But it adds an extra
> ip+udp
> header. Need to find other socket options to be set
> along with header included option.
>
> Actually we want to spoof address for purpose of developing simulators. We
> want to keep the implementation simple. hence we are making use of raw
> socket
>
> Which OS do we try on?
>
> How much problems do we run into? It is good that microsoft tries to make
> the lifes of hacker miserable, but a hacker anyways would not use a raw
> socket when he can try more exploits with other stuff. Just this makes our
> lives worst!!
>
My condolences :( , but hackers do use raw sockets ...

> We now have to use winpcap may be?
>

Yes ,that option , because custom protocol driver ( winpcap use such ) work
in parallel with tcpip so you can catch from it raw data

Arkady

ive a definitive answer on this? Which OS should we work on?
>
> - Sudesh Sawant
>
>
> "Arkady Frenkel" wrote:
>
>> In such case report that bug to MSFT , due to
>> http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx#EIAA
>> that sould work if you are correctly done all
>> Arkady
>>
>> "Rajat" <Rajat@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:00D8521B-A4ED-40D3-908F-911CC03B4186@xxxxxxxxxxxxxxxx
>> > No but I have checked this thing, the source IP in packet is same as
>> > the
>> > host
>> > IP. But its not working for XP machines having SP 2 installed, but for
>> > SP
>> > 1,
>> > its working fine.
>> >
>> > "Arkady Frenkel" wrote:
>> >
>> >> That forbidden for TCP , for UDP that forbidden only if source IP not
>> >> equal
>> >> to host IP.
>> >> Arkady
>> >>
>> >> "Rajat" <Rajat@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> >> news:EFCC3810-D6FB-49D0-998C-2881F35BE872@xxxxxxxxxxxxxxxx
>> >> >
>> >> > But I have heard that, RAW socket "send" functionality is forbidden
>> >> > in
>> >> > Service Pack 2, due to avoide DOS attack.
>> >> >
>> >> > "Arkady Frenkel" wrote:
>> >> >
>> >> >> Due to MSDN :
>> >> >> WSAEINTR
>> >> >> 10004
>> >> >> Interrupted function call.
>> >> >> A blocking operation was interrupted by a call to
>> >> >> WSACancelBlockingCall
>> >> >>
>> >> >>
>> >> >> Arkady
>> >> >>
>> >> >> "Rajat" <Rajat@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> >> >> news:0F628081-26F4-4976-AD0D-08089CA67326@xxxxxxxxxxxxxxxx
>> >> >> > Hi all,
>> >> >> >
>> >> >> > I am using IP_HDRINCL option to bypass network and trnasport
>> >> >> > layer
>> >> >> > headrs,
>> >> >> > and use my own, using
>> >> >> >
>> >> >> > RAW udp socket. Here is the code for that,
>> >> >> >
>> >> >> > /* Create datagram UDP socket. */
>> >> >> > udp_socket = socket(AF_INET, SOCK_RAW, IPPROTO_UDP);
>> >> >> >
>> >> >> > int optval = 1; /* Flag value to be set. */
>> >> >> >
>> >> >> > err_code = setsockopt(udp_socket,
>> >> >> > IPPROTO_IP,
>> >> >> > IP_HDRINCL,
>> >> >> > (const char FAR *)&optval,
>> >> >> > sizeof(int));
>> >> >> >
>> >> >> > Then after perpending UDP and IP headers, while sending as,
>> >> >> >
>> >> >> > /* Send the probe packet to the destination. */
>> >> >> > bytes_sent = sendto(udp_socket,
>> >> >> > (const char*)probe_pkt_buff,
>> >> >> > 28 + packet_size,
>> >> >> > 0,
>> >> >> > (SOCKADDR*)&dest_addr,
>> >> >> > sizeof(SOCKADDR_IN));
>> >> >> >
>> >> >> > I am getting error code : 10004.
>> >> >> >
>> >> >> > Could anybody point out on this situation. Any comment would be
>> >> >> > appriciated.
>> >> >> >
>> >> >> > Regards,
>> >> >> > Rajat.
>> >> >>
>> >> >>
>> >> >>
>> >>
>> >>
>> >>
>>
>>
>>


.

Relevant Pages

  • Re: Error in send, while using IP_HDRINCL
    ... we can send data through raw sockets with header included ... 'on' on win xp machines having service pack 1, ... "Arkady Frenkel" wrote: ...
    (microsoft.public.win32.programmer.networks)
  • Re: XP SP2 raw tcp
    ... > get filtered (if they are RAW IP with TCP set as protocol in IP HEADER)? ... all raw sockets get filtered if TCP is set as the ...
    (microsoft.public.win32.programmer.networks)
  • Re: raw sockets: question about sending IP + UDP header
    ... > the UDP datagram through a raw socket client to a UDP socket server. ... > to test if my IP header and IP checksum is correct plus of course my UDP ... There's a chapter on Raw Sockets in Unix Network Programming, ...
    (comp.unix.programmer)
  • Re: Changing TTL of incoming packets?
    ... Arkady ... > Just play with raw sockets and change TTL field in IP header, ... > RFC791 where it is but be aware that dummy header have to be changed too, ...
    (microsoft.public.win32.programmer.networks)