Raw sockets

Steve Holden sholden at holdenweb.com
Fri Dec 21 13:24:58 CET 2001

"Ben Ainsworth" <ed_play at yahoo.co.uk> wrote in message
news:2c55c8be.0112201246.627ab31c at posting.google.com...
> amuys at shortech.com.au (Andrae Muys) wrote in message
news:<7934d084.0112131952.2ae7c239 at posting.google.com>...
> > ed_play at yahoo.co.uk (Ben Ainsworth) wrote in message
news:<2c55c8be.0112130949.761bc120 at posting.google.com>...
> > > Is there a good intro to using raw sockets with python on the web? I
> > > want to try writing a variant of traceroute using tcp instead of icmp.
> > >
> >
> > Might I suggest you first check out Stevens 'TCP/IP Illustrated Vol 1'
> > as it will explain in excelent detail how traceroute is built using
> > UDP not ICMP :).
> >
> > Andrae Muys
> Thanks, but on Windows traceroute is all ICMP (except DNS requests).
Chance for me to take another snipe at Microsoft's "not invented here"
approach. Who knows why they chose to use ICMP when everybody else used UDP.

Traceroute works because the TTL field, which specifies the maximum time a
packet may live, and is always reduced by at least one when a datagram
transits from one network to another, is an IP (v4) header.

People do some strange things, though. Many networks started rejected ICMP
traffic when the "ping of death" attack came out, completely ignoring the
fact that this is a general IP attack which does not depend on the layered


More information about the Python-list mailing list