Wednesday, December 7, 2011

Raw Socket: Introduction

Sockets are APIs (application programming interface) for creating comunication flows between two endpoints. Sockets create an interface above the Transport Layer, so we can use them in order to send data on the TCP/IP Application Layer.

Raw Sockets are little different. They create a low-level comunication flow, enabling us to work directly on IP layer or better over the Data-Link Layer. Basically, we have to write the TCP/IP headers and (re)write "freehand" the comunication protocol, like 3-Ways handshake or sliding windows managment.

Only a fool would use such a thing! A fool or someone who wants to analyze/manipulate the traffic. So the creation of a Raw Socket requires root privileges.

Thankfully the OS give us structures for protocol's header (like ip, tcp, udp, icmp, arp...).

The normal execution flow is:
  • Creation of a trasmission buffer, to be filled with IP header ip and payload.
  • IP packet checksum computation.
  • Raw Socket creation.
  • Tell the operating system to avoid adding automatically IP Header.
  • Sending the trasmission buffer using sendto().
  • Wait for a reply using recivefrom(), filling the receive buffer with the answer.
  • <your code go here> :P
  • ...

No comments: