Raw Socket Sender

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • KevJB
    #1

    Raw Socket Sender

    I must say I'm new to these Raw sockets in C# and unfortunantly I haven't met
    anyone who is a expert in them which makes trying to develop any rather
    difficult.

    What I've been doing is trying to create some sort of NAT Server to work as
    a ADSL gateway and share internet access. Yes I know I can use ICS, No I'm
    not going to. I want to learn shomething by doing this not just use a
    standard out of the box solution.

    Anyway, I set up my packet reciever which recieves RAW IP packets and dumps
    them all onto my processing functions which change around the Source Address
    and send the pack off for it's trip onto the internet. However my RAW IP
    sender is not happy and I *think* it has something to do with sockets and
    blocking and the idea that sends should not overlap or somthing. Anyway the
    code goes something like:

    sender = new Socket(AddressF amily.InterNetw ork, SocketType.Raw,
    ProtocolType.IP );
    sender.Blocking = true;
    sender.Bind(new IPEndPoint(IPAd dress.Parse(IP) , port));
    sender.SetSocke tOption(SocketO ptionLevel.IP,
    SocketOptionNam e.HeaderInclude d, 1);
    // Code to make the packet as a byte buffer and finally:
    sender.SendTo(s end_buf_bytes, args.totallengt h,
    System.Net.Sock ets.SocketFlags .DontRoute, new IPEndPoint(args .destination,
    0));

    At which point the system dies and gives me a cryptic error message saying:

    An unhandled exception of type 'System.Net.Soc kets.SocketExce ption' occurred
    in system.dll

    Additional information: A blocking operation was interrupted by a call to
    WSACancelBlocki ngCall

    Can anyone see what I missed. I think I maybe need to turn the socket into
    non-blocking by use of sender.IOContro l but I have no idea what the actuall
    call is or what the correct iocontrolcode would be.

    Anyone got any ideas? Or does someone know that I am on the compleatly wrong
    track and can suggest what I should in fact be doing?

    Thanks in advance,
    Kevin-John Beasley
    Tags: None
    • Austin Ehlers
      #2
      Re: Raw Socket Sender

      On Sat, 18 Sep 2004 01:49:01 -0700, "KevJB"
      <KevJB@discussi ons.microsoft.c om> wrote:
      [color=blue]
      >I must say I'm new to these Raw sockets in C# and unfortunantly I haven't met
      >anyone who is a expert in them which makes trying to develop any rather
      >difficult.
      >
      >What I've been doing is trying to create some sort of NAT Server to work as
      >a ADSL gateway and share internet access. Yes I know I can use ICS, No I'm
      >not going to. I want to learn shomething by doing this not just use a
      >standard out of the box solution.
      >
      >Anyway, I set up my packet reciever which recieves RAW IP packets and dumps
      >them all onto my processing functions which change around the Source Address
      >and send the pack off for it's trip onto the internet. However my RAW IP
      >sender is not happy and I *think* it has something to do with sockets and
      >blocking and the idea that sends should not overlap or somthing. Anyway the
      >code goes something like:
      >
      >sender = new Socket(AddressF amily.InterNetw ork, SocketType.Raw,
      >ProtocolType.I P);
      >sender.Blockin g = true;
      >sender.Bind(ne w IPEndPoint(IPAd dress.Parse(IP) , port));
      >sender.SetSock etOption(Socket OptionLevel.IP,
      >SocketOptionNa me.HeaderInclud ed, 1);
      >// Code to make the packet as a byte buffer and finally:
      >sender.SendTo( send_buf_bytes, args.totallengt h,
      >System.Net.Soc kets.SocketFlag s.DontRoute, new IPEndPoint(args .destination,
      >0));
      >[/color]
      <snip>

      I don't know if it's related, but XP SP2 disables most of the RAW
      sockets support (see
      http://blogs.msdn.com/michael_howard...12/213611.aspx ,
      Nmap, Raw Sockets and Windows XP Service Pack 2
      http://www.kayodeok.co.uk/weblog/200408/12/nmap_and_raw_sockets.html

      for more info).

      Check out http://www.thecodeproject.com/csharp/SendRawPacket.asp for
      how to do it with an NDIS protocol driver.

      Austin

        Comment

        • KevJB
          #3
          Re: Raw Socket Sender

          Well that's a complete disaster. Surveyed Applications did they, didn't
          survey enough is my response. You want a valid use of Raw Sockets. NAT. Three
          letters and a RFC just blew your concept to hell. Remove RAW Sockets, who the
          hell at microsoft seggested that? Whoever it was needs to be fired. This is
          so typical of Microsoft, find a security issue and they kill off the thing
          that lets people exploit the issue because developing some other form of
          protection for affected applications is too hard. Sure people will write
          Attack Tools using Raw Sockets, Take it away from Windows and they will go
          use Linux anyway. You don't solve anything In fact you encourage the idjits
          who write those programs because their first thought is "MS Blocked RAW
          Sockets, they must have something to hide". In addition you break the
          fundamental concept of TCP that ports should be visiable and can recieve or
          send packets. What the hell use is an application that can recieve raw
          packets but can't send them. That's like disabling the ability of people to
          initiate calls on the telephone network because they could call people and
          annoy them with telemarketing. The whole idea of the Operating System is to
          ensure that ports that arn't bound to some propper application can't be used
          as a security hole. If you want to stealth ports from the internet there is a
          great tool called a firewall. People who are too stupid to use one don't
          deserve to have an internet connection. Sorry maybe that's the line of
          thought for XP Home but for XP Professional it's not acceptable.

          So since Microsoft is so commited to developers how about we remove this
          stupid feature from SP2 right now. Or maybe I should sue Microsoft for
          screwing over my development project which I spent the last 12 months on.
          Microsoft says C#.NET is surposed to be the future of internet applications
          and here they are ripping out core components cause someone *might* use it
          for "attack tools". I would have thought that after gettings it's ass kicked
          for monopolising Internet Explorer microsoft would have smartened up.
          Obviously not cause here they are remove more parts of Windows that
          competitors can use to make Home/Small Office applications. Sounds like they
          might be trying to force everyone to use ISA Server or ICS. I'm sure a lawyer
          would consider that highly likely.

          I guess Microsoft factored the conversion back to unix of a bunch of script
          kiddies + some annoyed developers into the cost of their next release of
          Windows. Maybe microsoft should change their slogan to "What Functionality
          will we remove Today".

          Anyway thanks for the tip Austin, some company executives head is going to
          expload when I tell them we need to move ourselves down to the ethernet layer
          to finalise our program for production release. The only good thing is that
          MS owes us several thousand for support incidents that were due to a removed
          feature that noone at the support centre conveniently knew about.
          Kevin

          "Austin Ehlers" wrote:
          [color=blue]
          > On Sat, 18 Sep 2004 01:49:01 -0700, "KevJB"
          > <KevJB@discussi ons.microsoft.c om> wrote:
          >[color=green]
          > >I must say I'm new to these Raw sockets in C# and unfortunantly I haven't met
          > >anyone who is a expert in them which makes trying to develop any rather
          > >difficult.
          > >
          > >What I've been doing is trying to create some sort of NAT Server to work as
          > >a ADSL gateway and share internet access. Yes I know I can use ICS, No I'm
          > >not going to. I want to learn shomething by doing this not just use a
          > >standard out of the box solution.
          > >
          > >Anyway, I set up my packet reciever which recieves RAW IP packets and dumps
          > >them all onto my processing functions which change around the Source Address
          > >and send the pack off for it's trip onto the internet. However my RAW IP
          > >sender is not happy and I *think* it has something to do with sockets and
          > >blocking and the idea that sends should not overlap or somthing. Anyway the
          > >code goes something like:
          > >
          > >sender = new Socket(AddressF amily.InterNetw ork, SocketType.Raw,
          > >ProtocolType.I P);
          > >sender.Blockin g = true;
          > >sender.Bind(ne w IPEndPoint(IPAd dress.Parse(IP) , port));
          > >sender.SetSock etOption(Socket OptionLevel.IP,
          > >SocketOptionNa me.HeaderInclud ed, 1);
          > >// Code to make the packet as a byte buffer and finally:
          > >sender.SendTo( send_buf_bytes, args.totallengt h,
          > >System.Net.Soc kets.SocketFlag s.DontRoute, new IPEndPoint(args .destination,
          > >0));
          > >[/color]
          > <snip>
          >
          > I don't know if it's related, but XP SP2 disables most of the RAW
          > sockets support (see
          > http://blogs.msdn.com/michael_howard...12/213611.aspx ,
          > http://www.kayodeok.co.uk/weblog/200...w_sockets.html
          > for more info).
          >
          > Check out http://www.thecodeproject.com/csharp/SendRawPacket.asp for
          > how to do it with an NDIS protocol driver.
          >
          > Austin
          >[/color]

            Comment

            Previous template Next
            Working...