Hi,


At first sight you think it's weird but I want low level networking APIs if there are such things. I want to create a TCP or UDP packet from zero. I would like to change some fields of the IP packet for example want to change source and destination address field, want to play with packet. Is there a way?


regards
Posted on 2006-05-28 16:08:25 by highenergy
If you have to ask, then we must ask back, what are you trying to do and for what goal?

Regards,  P1  8)
Posted on 2006-05-30 17:02:43 by P1
@P1:

I want in-dept understanding of network language. I completed CCNA course 2 years ago. Course gave me much information about networking. What is packets, how they travel across network and much more. But course didn't teach me how to produce packets. I think it's programmer's field. And the missing thing is that. Think it in another way I want to reverse engineer network communication. I'll learn more thing.


regards
Posted on 2006-05-31 03:42:30 by highenergy
Windows XP supports "raw sockets", which will let you play with constructing IP (udp, tcp) packets by hand. If you want to go lower, try looking for NDIS information. I remember some "rolling your own IP stack" article as well, but haven't been able to find it with some quick googling.


Think it in another way I want to reverse engineer network communication.

You don't need to reverse engineer anything, all the information you need on network protocols is available through RFCs :)
Posted on 2006-05-31 06:18:46 by f0dder
Yes,
It is called IP spoofing.
When you do this though do not expect a feed back or information to be sent back though.
I will not say how for two reasons.
You are trying to hack or flood a server
pluss i do not remember
Posted on 2006-06-12 19:54:50 by tjweb
Somebody trying to hack or flood a server would probably just grab a ready-made snippet from one of the many sites on the net where that kind of stuff is available... at any rate, any sign of a person trying to do that and the moderation team will take action.

IP spoofing is a bit silly. AFAIK, many decent ISPs are blocking spoofed packets at their network perimeter - that is, if you try sending a spoofed packet, it will be dropped at their router, before entering the internet.
Posted on 2006-06-13 04:56:20 by f0dder
Unfortunately, most ISPs are not 'decent'..
Posted on 2006-06-13 09:59:23 by Homer

Yes,
It is called IP spoofing.
When you do this though do not expect a feed back or information to be sent back though.
I will not say how for two reasons.
You are trying to hack or flood a server
pluss i do not remember


Low level network programming has more uses than just IP spoofing. IP Spoofing is mearly the forgery of a single entry within the IP_HDR structure of the packet. Such decent applications for low level networking include custom protocols, firewalling (although that should be done by external hardware but let's not get into that), and various forms of tests on the system and ethernet cards generally require such a low level. To make the assumption that this person is trying to "hack or flood a server" is a bit hasty IMHO.


You don't need to reverse engineer anything, all the information you need on network protocols is available through RFCs :)


I totally agree, RFCs are where you should start your search if you plan to learn about low level networking, as practically every protocol in existance has been documented in RFC format. Start your search here
Posted on 2006-06-13 20:54:22 by Synfire
Also, this link might turn in very valuable: http://www.sics.se/~adam/lwip/ . It's a light-weight IP stack, it should be a lot more managable to read & understand this than, say, the IP stack in linux or BSD.
Posted on 2006-06-14 12:38:40 by f0dder
One way you can do what you are trying is to stop the packet from being sent read it and copy the data to the new packet and put your own heads in. But you will need a port that will accept them.

Posted on 2006-06-14 22:32:25 by tjweb