socket problem?

Zajcev Evgeny lg at localhost.rgz.ru
Thu Sep 14 03:39:31 EDT 2000


David Bolen <db3l at fitlinxx.com> writes:

> Zajcev Evgeny <lg at localhost.rgz.ru> writes:
> 
> > hm, okay, but what if I do
> > 
> > import socket
> > ipsock = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_IP)
> > ipsock.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)
> > 
> > that means that all IP headers are included in sending/receiving packets
> > and I can generate an IP packet
> >  --------------------------------------------------------
> >  |                 IP header                            |
> >  --------------------------------------------------------
> >  |     IP data = TCP header + TCP data                  |
> >  --------------------------------------------------------
> >  
> > and sendto() it.
> 
> True, but then you're manually generating IP packets - you won't get
> any of the TCP headers for free, nor will you have a viable connection
> over which data may be exchanged unless you implement the TCP protocol
> itself.  Now I suppose if one were masochistic enough (or just really
> bored) they might decide to re-implement TCP, but I don't think it's
> worth the effort :-)
> 
> So to me, while at one level I suppose the above would represent a way
> of generating a single IP packet with TCP protocol headers, it's
> non-functional with respect to the TCP protocol proper without all the
> associated TCP processing as part of a normal connection if your
> overall intent is to actually send data to an endpoint using TCP.
> 
> > TCP headers included only if I can't do socket.setsockopt(<socket>, socket.IP_HDRINCL, 1)
> > 
> > and this thing works only if socket type is SOCK_RAW
> > but, I can avoid generating IP headers.
> 
> If you don't set the socket option, then you'll get the IP header, but
> you'll never get the TCP headers automatically on a RAW socket
> regardless of this option.  Any higher level protocols above IP would
> just be in the payload of the packet and constructed by the
> application, as you indicate above.
> 
> > PS: I mention that the sendto() method works differently for
> > different socket types.
> 
> Yep, which we agree on (as I noted the difference between stream and
> datagram sockets).  It sounds like I misinterpreted something though
> since I didn't realize you intended to work with raw sockets and
> generate your own protocol headers.  That's not for the faint of
> heart, and in some respects it begs the question as to why use raw
> sockets to make TCP packets, when there's a perfectly good TCP
> protocol layer to take care of it for you?
> 
> Looking back, it looks like your first posting talks about trying to
> generate a TCP SYN packet and it failing, but the example code you show
> just shows creating a normal stream socket (not a raw one) and it
> failing on a sendto() because you haven't connected it - which makes
> sense as per my last post.  If you had connected it, then the SYN
> packet would have gone out as the first packet during the connection
> (but would have been followed up by the completion of the three-way
> handshake to form the TCP stream connection).
> 
> So perhaps the right question at this point is to ask if you can
> rephrase what you are actually trying to accomplish?  Yes, you should
> be able to use a raw socket to manually construct a TCP SYN packet in
> isolation.  But I wouldn't expect it to do much in terms of
> facilitating a data transfer of any sort in and of itself, so I'm not
> sure what good it would be - unless maybe you're trying to generate a
> denial of service attack in which case you're on your own. :-)
Actually, I'm interested in creation, not in destruction,
but I need to understand TCP and UDP over IP at the lowest level.
Without that understanding, network programming becomes
a waste of time, IMHO.
I chose Python for learning protocols because it is a great programming
language :)

By the way, one application of sending random TCP packets over SOCK_RAW:
some printers have a telnet service with no authentication,
so any user who telnets to one has administrator privileges.
The solution to this problem:
 your PC is in the same subnet as whoever wants to telnet to the printer,
 sniffing the net, and when there is any SYN packet to printer:23,
 send the printer an RST packet from the villain's address (the ACK and source port are known from sniffing), so he can't even establish a connection.

thanks for helping.

--
zev
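
The layout from the diagram quoted in this message (IP header, then TCP header plus TCP data), as an added example that is not code from either poster. It only builds the bytes in memory and parses them back with both checksums verified; nothing is sent, and the addresses (RFC 5737 documentation range), ports and function names are constructed for illustration.

```python
import socket
import struct

def inet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_packet(src, dst, sport, dport, seq, flags, payload=b""):
    """Lay out IP header + TCP header + data in memory; nothing is sent."""
    s, d = socket.inet_aton(src), socket.inet_aton(dst)
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, flags, 8192, 0, 0)
    pseudo = s + d + struct.pack("!BBH", 0, socket.IPPROTO_TCP, len(tcp) + len(payload))
    csum = inet_checksum(pseudo + tcp + payload)   # TCP checksum covers a pseudo-header
    tcp = tcp[:16] + struct.pack("!H", csum) + tcp[18:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 1, 0, 64,
                     socket.IPPROTO_TCP, 0, s, d)
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    return ip + tcp + payload

def parse_packet(pkt: bytes) -> dict:
    """Split a packet the way it arrives on a raw socket: IP header first."""
    ihl = (pkt[0] & 0x0F) * 4                      # IP header length in bytes
    total_len = struct.unpack("!H", pkt[2:4])[0]
    if pkt[9] != socket.IPPROTO_TCP:
        raise ValueError("IP payload is not TCP")
    seg = pkt[ihl:total_len]                       # TCP header + TCP data
    sport, dport, seq, ack, off, bits = struct.unpack("!HHIIBB", seg[:14])
    pseudo = pkt[12:20] + struct.pack("!BBH", 0, pkt[9], len(seg))
    names = ("FIN", "SYN", "RST", "PSH", "ACK", "URG")
    return {
        "src": socket.inet_ntoa(pkt[12:16]), "dst": socket.inet_ntoa(pkt[16:20]),
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "flags": [n for i, n in enumerate(names) if bits & (1 << i)],
        "data": seg[(off >> 4) * 4:],              # skip the TCP header (data offset)
        "ip_checksum_ok": inet_checksum(pkt[:ihl]) == 0,
        "tcp_checksum_ok": inet_checksum(pseudo + seg) == 0,
    }

if __name__ == "__main__":
    # Constructed sample: RFC 5737 documentation addresses, made-up ports.
    sample = build_packet("192.0.2.10", "192.0.2.20", 40000, 23, 1000, 0x02)
    print(parse_packet(sample))
```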



More information about the Python-list mailing list