Linux Network Programming: original socket programming and instance analysis (1)

Source: Internet
Author: User

Linux Network Programming: original socket programming and instance analysis (1)

I. What can the original socket do?

Generally, the programmer receives two types of sockets:

(1) stream Socket (SOCK_STREAM): a connection-oriented Socket for connection-oriented TCP Service applications;

(2) datagram Socket (SOCK_DGRAM): a connectionless Socket that corresponds to a connectionless UDP Service Application.

From the user's point of view, the sockets SOCK_STREAM and SOCK_DGRAM seem to cover all TCP/IP applications, because TCP/IP-based applications, at the protocol stack level, the transport layer may only be built on TCP or UDP, while SOCK_STREAM and SOCK_DGRAM correspond to TCP and UDP respectively. Therefore, almost all applications can implement these two types of sockets.

However, when we are faced with the following problems, SOCK_STREAM and SOCK_DGRAM will look so helpless:

(1) how to send a custom IP address package?

(2) how to send an ICMP protocol packet?

(3) how to analyze all packets passing through the network, regardless of whether the packets are sent to you?

(4) How to disguise the local IP address?

This makes it necessary for us to face another profound topic-the original socket (SOCK_RAW ). The original socket is widely used in advanced network programming and is also a widely used hacker. The famous network sniffer (a network analysis method based on the passive listening principle), DOS, IP spoofing, and so on can all be implemented through the original socket.

The original socket (SOCK_RAW) can be used to assemble data packets and receive all data frames (data packets) on the NIC of the local computer. It is useful for listening to network traffic and analyzing network data.

The original socket is based on IP packet programming (SOCK_PACKET is based on the data link layer programming ). In addition, you must have the Administrator permission to use the original socket.

The difference between the original socket (SOCK_RAW) and standard socket (SOCK_STREAM and SOCK_DGRAM) is that the original socket is directly set to "root" at the Network Core of the operating system ), SOCK_STREAM and SOCK_DGRAM are "suspended" outside TCP and UDP protocols.

Streaming sockets can only send and receive TCP data. datagram sockets can only send and receive UDP data. The original sockets can send and receive unprocessed data packets from the kernel.


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.