Full Discussion: Raw Sockets Programming
Special Forums IP Networking Raw Sockets Programming Post 302349030 by Zykl0n-B on Monday 31st of August 2009 12:45:38 AM
Old 08-31-2009
RAW Sockets aren't a difficult thing, but you'll need deep knowledge of TCP/IP stack protocols, and practice with socket programming.

I recommend you read a very short book named "TCP/IP Sockets in C: Practical Guide for Programmers - Michael J. Donahoo, Kenneth L. Calvert"; it's not about raw sockets, but TCP/IP sockets.

Then, when you feel comfortable with the socket calls, options, and types, here is a GREAT text about raw socket programming with examples and source code, which talks about TCP/UDP/IP/ICMP, and how to calculate header checksums:

http://packetstormsecurity.nl/progra...raw_socket.txt

Oh, right, for the TCP/IP "theory" part, I recommend the following books:

The TCP/IP Guide: A comprehensive, illustrated Internet Protocols Reference - Charles M. Kozierok
TCP/IP Clearly explained 4th edition - Pete Loshin
TCP/IP Illustrated, Volume 2: The Implementation - Gary R. Wright, W. Richard Stevens

And of course, UNIX® Network Programming Volume 1, Third Edition: The Sockets Networking API - W. Richard Stevens, Bill Fenner, Andrew M. Rudoff
Best regards.
Zykl0n-B
 

SS(8)                    System Manager's Manual                    SS(8)

NAME
       ss - another utility to investigate sockets

SYNOPSIS
       ss [options] [ FILTER ]

DESCRIPTION
       ss is used to dump socket statistics. It allows showing information similar to netstat. It can display more TCP and state information than other tools.

OPTIONS
       These programs follow the usual GNU command line syntax, with long options starting with two dashes (`--'). A summary of options is included below.

       -h, --help
              Show summary of options.

       -V, --version
              Output version information.

       -n, --numeric
              Do not try to resolve service names.

       -r, --resolve
              Try to resolve numeric address/ports.

       -a, --all
              Display all sockets.

       -l, --listening
              Display listening sockets.

       -o, --options
              Show timer information.

       -e, --extended
              Show detailed socket information.

       -m, --memory
              Show socket memory usage.

       -p, --processes
              Show process using socket.

       -i, --info
              Show internal TCP information.

       -s, --summary
              Print summary statistics. This option does not parse socket lists, obtaining the summary from various sources. It is useful when the number of sockets is so huge that parsing /proc/net/tcp is painful.

       -4, --ipv4
              Display only IP version 4 sockets (alias for -f inet).

       -6, --ipv6
              Display only IP version 6 sockets (alias for -f inet6).

       -0, --packet
              Display PACKET sockets.

       -t, --tcp
              Display only TCP sockets.

       -u, --udp
              Display only UDP sockets.

       -d, --dccp
              Display only DCCP sockets.

       -w, --raw
              Display only RAW sockets.

       -x, --unix
              Display only Unix domain sockets.

       -f FAMILY, --family=FAMILY
              Display sockets of type FAMILY. Currently the following families are supported: unix, inet, inet6, link, netlink.

       -A QUERY, --query=QUERY
              List of socket tables to dump, separated by commas. The following identifiers are understood: all, inet, tcp, udp, raw, unix, packet, netlink, unix_dgram, unix_stream, packet_raw, packet_dgram.

       -D FILE
              Do not display anything, just dump raw information about TCP sockets to FILE after applying filters. If FILE is - stdout is used.

       -F FILE, --filter=FILE
              Read filter information from FILE. Each line of FILE is interpreted like a single command line option. If FILE is - stdin is used.

       FILTER := [ state TCP-STATE ] [ EXPRESSION ]
              Please take a look at the official documentation (Debian package iproute-doc) for details regarding filters.

USAGE EXAMPLES
       ss -t -a
              Display all TCP sockets.

       ss -u -a
              Display all UDP sockets.

       ss -o state established '( dport = :ssh or sport = :ssh )'
              Display all established ssh connections.

       ss -x src /tmp/.X11-unix/*
              Find all local processes connected to X server.

       ss -o state fin-wait-1 '( sport = :http or sport = :https )' dst 193.233.7/24
              List all the tcp sockets in state FIN-WAIT-1 for our apache to network 193.233.7/24 and look at their timers.

SEE ALSO
       ip(8), /usr/share/doc/iproute-doc/ss.html (package iproutedoc)

AUTHOR
       ss was written by Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>. This manual page was written by Michael Prokop <mika@grml.org> for the Debian project (but may be used by others).