How can you perform a TCP traceroute in C#? Is it even possible?
A:
Breakthrough
2009-08-21 19:14:34
they seem to all be using ICMP. I need one using TCP packets.
webly
2009-08-21 19:19:00
A:
You will need raw ethernet frames to generate TCP packets by hand as Windows won't let you send TCP packets over raw sockets.
See how nmap gets raw ethernet frames. Repeat it.
Joshua
2009-08-21 19:18:31
can i use this? http://www.codeproject.com/KB/IP/CSNetworkSniffer.aspxhe seems to have implemented a network sniffer using C#
webly
2009-08-21 19:24:07
No sorry. You can read all you want that way but your outbound TCP packets never reach the wire.
Joshua
2009-08-21 21:27:26
I was reading a little bit on this and it seems like it was a windows XP SP2 fix that caused the raw packet limitation - what if my application is targeting windows server 2008? is this limit there too?
webly
2009-08-21 22:04:19
see the answer below, you cant still do tcp frames over raw packet on windows server 2008
webly
2009-08-22 03:14:26
A:
From MSFT: http://msdn.microsoft.com/en-us/library/ms740548%28VS.85%29.aspx
On Windows 7, Windows Server 2008 R2, Windows Vista, and Windows XP with Service Pack 2 (SP2), the ability to send traffic over raw sockets has been restricted in several ways:
- TCP data cannot be sent over raw sockets.
- UDP datagrams with an invalid source address cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped. This change was made to limit the ability of malicious code to create distributed denial-of-service attacks and limits the ability to send spoofed packets (TCP/IP packets with a forged source IP address).
- A call to the bind function with a raw socket is not allowed.
These above restrictions do not apply to Windows Server 2008 , Windows Server 2003, or to versions of the operating system earlier than Windows XP with SP2.
webly
2009-08-22 03:10:54