Wednesday, August 15, 2007

A very good tutorial on RAW_SOCKET

Link 1.


Link 2.

3 comments:

Jigar said...

The article is really good.

Dave said...

Thanks Jigar,

This is the way hackers hacked computers. They build the packets with RAW sockets and then directly call the sendto or write system call, which in turn calls the data link layer (device driver) functions.

Almost all the sniffer tools work in the same way: they sit at the data link layer and capture the packets (tcpdump, ethereal, etc.).

Jigar said...

Still, I didn't get one point. Let's say a socket is opened by your application (any which you wrote), and you run these sniffer tools: how do they rebind the same socket address as the raw socket, though it was already used by the residing application you ran? So I think this is an OS issue, which should not allow raw sockets on an already opened standard socket. Let me know if I am missing something.