Any thoughts on the best way to send the wake-on-lan magic packet. I could open a raw socket and hand craft a packet but is there an easier way? One that would also work on pre-w2k computers that don't support raw sockets.
Posted on 2004-11-11 08:48:29 by rdaneel
I'm not sure, but also Xp SP2 doesn't support raw socket
Posted on 2004-11-11 15:00:56 by greenant
I'm not sure, but also Xp SP2 doesn't support raw socket


are you sure about that?
http://www.interact-sw.co.uk/iangblog/2004/08/12/norawsockets

still a pity to read that :(
Posted on 2004-11-11 20:59:00 by comrade
Why use raw socket?
Just send a broadcast UDP packet with 16 duplications of the mac address.

http://www.amd.com/us-en/ConnectivitySolutions/TechnicalResources/0,,50_2334_2481,00.html
Posted on 2004-11-13 02:29:41 by Hawk
Hm, does anybody have a link to some info on exactly how raw sockets are limited in XP SP2? Could it be that it's just the firewall stuff and it can be turned off?
Posted on 2004-11-14 08:40:56 by f0dder
fodder,

I've experienced Winsock 'filtering' certain packets sent on a raw socket w/sp2 installed. Best example of this is dropping hand crafted SYN packets. Makes sense, I guess. I use Windows Packet Capture now for any raw sockets. It's free and doesn't censor.
Posted on 2004-11-15 21:58:21 by The Dude of Dudes
Its true - as proof I offer this: the author of nmap has released a patch for that sniffer which disabled rawsock support IF SP2 IS DETECTED.
He did this because m$ broke it. His patch uses the following code to attempt to use winpcap if sp2 was detected rather than use rawsock...



--- winip.c 2004-08-12 10:18:46.000000000 -0700
+++ winip.c 2004-08-12 16:04:56.000000000 -0700
@@ -379,6 +379,13 @@
rawsock_avail = 0;
}

+ // Disable rawsock support if its XP SP2
+ if( ver.dwMajorVersion >= 5 && ver.dwMinorVersion == 1 && ver.wServicePackMajor == 2 )
+ {
+ winbug = 1;
+ rawsock_avail = 0;
+ }
+
if(pcap_avail)
{
if(wo.trace) printf("***WinIP*** reading winpcap interface list\n");


I can't confirm this, but I suspect that only the outgoing side of rawsock was messed with - my local rawsock based sniffer still operates fine under SP2.

I also should mention I discovered reports mentioning that rawsock was fine under SP2 - RC1 but is screwed under SP2 - RC2+
Posted on 2004-11-18 01:48:22 by Homer
This thread is getting way off track and I am going to fix that right now.
You don't need rawsock to create and send a WOL packet - they are UDP based :)

Search this board, one guy posted source, its rawsock but as he mentions in that thread, it does not need to be at all.

From a third party source, I quote :

This packet must contain a certain byte-sequence, but can be encapsulated in any kind of packet (IPX, IP, anything).
Posted on 2004-11-18 02:01:39 by Homer
DESTINATION SOURCE MISC. FF FF FF FF FF FF 11 22 33 44 55 66 11 22 33 44 55 66 11 22 33 44 55 66 11 22 33 44 55 66 11 22 33 44 55 66 11 22 33 44 55 66 11 22 33 44 55 66 11 22 33 44 55 66 11 22 33 44 55 66 11 22 33 44 55 66 11 22 33 44 55 66 11 22 33 44 55 66 11 22 33 44 55 66 11 22 33 44 55 66 11 22 33 44 55 66 11 22 33 44 55 66 MISC. CRC.


Are You talking about that ?
Posted on 2005-02-02 09:38:05 by etn