tailieunhanh - Raw Sockets

Raw Sockets let you program at just above the network (IP) layer You could program at the IP level using the IP API but you can’t get at ICMP Raw Sockets expose ICMP you get a Raw Packet and populate the entire packet yourself for high level protocols like TCP and UDP you lose all of the functionality implemented in those layers choosing to use a Raw Socket must be weighed carefully Raw Sockets can be dangerous Raw Sockets can be against the law . | Raw Sockets CS-480b Dick Steflik Raw Sockets * Raw Sockets Raw Sockets let you program at just above the network (IP) layer You could program at the IP level using the IP API but you can’t get at ICMP Raw Sockets expose ICMP you get a Raw Packet and populate the entire packet yourself for high level protocols like TCP and UDP you lose all of the functionality implemented in those layers choosing to use a Raw Socket must be weighed carefully Raw Sockets can be dangerous Raw Sockets can be against the law * Limitations Loss of Reliability No ports Non Standard Communications No automatic ICMP No Raw TCP or UDP Must have root (or administrator) privilege * When to use When you need to control the IP header applications like Ping and Traceroute not all fields can be set using the IP APIs Network Address Translation Firewalls When your application requires optimum network speed one level above the Link Layer if you need reliability, you must | Raw Sockets CS-480b Dick Steflik Raw Sockets * Raw Sockets Raw Sockets let you program at just above the network (IP) layer You could program at the IP level using the IP API but you can’t get at ICMP Raw Sockets expose ICMP you get a Raw Packet and populate the entire packet yourself for high level protocols like TCP and UDP you lose all of the functionality implemented in those layers choosing to use a Raw Socket must be weighed carefully Raw Sockets can be dangerous Raw Sockets can be against the law * Limitations Loss of Reliability No ports Non Standard Communications No automatic ICMP No Raw TCP or UDP Must have root (or administrator) privilege * When to use When you need to control the IP header applications like Ping and Traceroute not all fields can be set using the IP APIs Network Address Translation Firewalls When your application requires optimum network speed one level above the Link Layer if you need reliability, you must build it into your application * Windows and Raw Sockets WinSock - November 2001 raw sockets for NT and W2000 must run as administrator Win XP Professional - raw socket functionality restricted to administrator users same level of access as UNIX / Linux but first user created has administrator rights - if this is being used on a home machine most users would be running as administrator all of the time leaving their machine possibly open to being hijacked Home - will eventually become the predominant OS is not supposed to have raw sockets Internet Connection Firewall (ICF) attempt to fix problem but only blocks incoming traffic; all outgoing traffic permitted hacker can install a trojan horse that installs a zombie that just sits and waits to become part of a DDoS attack on someone * Windows and Raw Sockets WinSock allows windows programmers to build advanced applications Firewalls Network Address Translation Packet Filtering SYN Flood protection Security IPSec support VPN .