Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Libnet
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: libnet seems to write to the wrong interface

from [Frédéric Raynal] Network Security [Permanent Link]
Subject: Re: libnet seems to write to the wrong interface
Date: Fri, 22 Oct 2004 18:45:36 +0200 
On Fri, Oct 22, 2004 at 03:46:55PM -0000, Chris Nelson wrote:





I'm trying to write a little program that acts like an IGMPv2 host,
sending IGMP Reports at startup, listening for IGMP Query messages,
and sending IGMP Reports in response after a random delay (unless
another host beats it to the punch).  If I get it working -- and can
figure out where to post it -- I'll be glad to add it to the libnet
samples.

I've heavily adapted icmp_echo_cq.c and added code from a pcap
sample to listen for IGMP messages then use libnet to respond.  I'm
initializing libnet and libpcat with the same device string.
However, my system has two interfaces and I'm seeing Query messages
on eth1 (the device I specified) but sending Report messages out
eth0 (as confirmed by Ethereal).

Can someone explain to me why libnet would send on an interface
other than the device passed to libnet_init()?  I'll be glad to show
you my code but I don't see anyway to attach it here and 300 lines
is a bit much to paste into this message.



First, you shouldn't use the context_queue unless you really need it.
It is deprecated in the next release.

Second, what kind of interface are you using: raw or link?
If you are using the raw API,  routing is done by your kernel, and for
whatever reason, it can select the bad device. If you are using hte
link API, that is not normal ... and is probably a bug. Can you send
me your code ?

        Fred Raynal
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: libnet seems to write to the wrong interface, Aaron Turner
Next by Date:  tcp reassembly for multiple connections simultaneously help needed, muhammad alqama
Previous by Thread:  Re: libnet seems to write to the wrong interface, Aaron Turner
Next by Thread:  tcp reassembly for multiple connections simultaneously help needed, muhammad alqama
Indexes:  [Date] [Thread] [Top] [All Lists]