tags:

views:

733

answers:

3

How can you perform a TCP traceroute in C#? Is it even possible?

A: 

http://stackoverflow.com/questions/142614/traceroute-and-ping-in-c

Breakthrough
they seem to all be using ICMP. I need one using TCP packets.
webly
A: 

You will need raw ethernet frames to generate TCP packets by hand as Windows won't let you send TCP packets over raw sockets.

See how nmap gets raw ethernet frames. Repeat it.

Joshua
can i use this? http://www.codeproject.com/KB/IP/CSNetworkSniffer.aspxhe seems to have implemented a network sniffer using C#
webly
No sorry. You can read all you want that way but your outbound TCP packets never reach the wire.
Joshua
I was reading a little bit on this and it seems like it was a windows XP SP2 fix that caused the raw packet limitation - what if my application is targeting windows server 2008? is this limit there too?
webly
Sorry, but it's been there in every Windows version since.
Joshua
see the answer below, you cant still do tcp frames over raw packet on windows server 2008
webly
Huh. They didn't put it into the server versions.
Joshua
A: 

From MSFT: http://msdn.microsoft.com/en-us/library/ms740548%28VS.85%29.aspx

On Windows 7, Windows Server 2008 R2, Windows Vista, and Windows XP with Service Pack 2 (SP2), the ability to send traffic over raw sockets has been restricted in several ways:

  • TCP data cannot be sent over raw sockets.
  • UDP datagrams with an invalid source address cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped. This change was made to limit the ability of malicious code to create distributed denial-of-service attacks and limits the ability to send spoofed packets (TCP/IP packets with a forged source IP address).
  • A call to the bind function with a raw socket is not allowed.

These above restrictions do not apply to Windows Server 2008 , Windows Server 2003, or to versions of the operating system earlier than Windows XP with SP2.

webly