 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / .NET Framework / New Users / January 2006Port Knocking: Sending Single TCP Packet
I'm trying to build a simple port knocking client in dotNet. However, whenever I try to connect to the target machine, three packets get sent by System.Net.Sockets.Connect() rather than just the one that I want to send. Is there a way to send a single packet under dotNET? - Mark Hi TCP is an connection-oriented protocol which is known as Three-Way Handshake. Explanation of the Three-Way Handshake via TCP/IP http://support.microsoft.com/?id=172983 If you want to control the Three-Way Handshake , you need to use the RAW socket to compose your own TCP packet in a IP packet to send. Here are some information for your reference. SharpPcap - A packet capture framework for .NET http://www.codeproject.com/csharp/sharppcap.asp#sendPackets Raw IP Networking FAQ http://www.whitefang.com/rin/rawfaq.html#10 Best regards, Peter Huang Microsoft Online Partner Support  SignatureGet Secure! - www.microsoft.com/security This posting is provided "AS IS" with no warranties, and confers no rights. Peter, Thanx for the quick reply. I came across winpcap, and sharppcap, in the course of further research. But, unfortunately, winpcap (and hence sharppcap) don't support transmitting across PPP WAN connections (they're primarily focused on monitoring ethernet connections, after all). So I'm back to square one trying to use raw sockets myself. One thing that concerns me, though, was that I read WinXP SP2 dropped support for raw sockets. Do you know if that's correct? - Mark Hi Yes, it seems there are more restriction for the RAW socket support in XP SP2 due to security concern. http://www.interact-sw.co.uk/iangblog/2004/08/12/norawsockets Changes to Functionality in Microsoft Windows XP Service Pack 2 Part 2: Network Protection Technologies http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx What new functionality is added to this feature in Windows XP Service Pack 2? Restricted traffic over raw sockets Detailed description A very small number of Windows applications make use of raw IP sockets, which provide an industry-standard way for applications to create TCP/IP packets with fewer integrity and security checks by the TCP/IP stack. The Windows implementation of TCP/IP still supports receiving traffic on raw IP sockets. However, the ability to send traffic over raw sockets has been restricted in two ways: ? TCP data cannot be sent over raw sockets. ? UDP datagrams with invalid source addresses cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped. For detailed information I think you may to post in the newsgroup below. There would be more network experts there. microsoft.public.win32.programmer.networks Thanks for your understanding! Best regards, Peter Huang Microsoft Online Partner Support SignatureGet Secure! - www.microsoft.com/security This posting is provided "AS IS" with no warranties, and confers no rights. In case anyone else runs into this problem... After trying many, many things, it turns out one answer is to: - create the socket - put the socket into nonblocking mode using ioctlsocket - call connect on the socket - immediately close the socket Apparently, if you immediately close the socket after the nonbinding connect attempt windoze only has time to send a single packet. If you wait to close you'll get multiple packets. It ain't pretty, but it works. - Mark Hi Thanks for your knowledge sharing. Best regards, Peter Huang Microsoft Online Partner Support SignatureGet Secure! - www.microsoft.com/security This posting is provided "AS IS" with no warranties, and confers no rights. Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.