Jump to content

Raw socket

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 203.206.137.129 (talk) at 02:51, 9 March 2009 (added some of the legit reasons for the existence of this feature). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

In computer networking, a raw socket is a socket that allows direct access to packet's headers. Raw sockets allow users to craft packets' headers, and this power can be used for good (system monitoring, intrusion detection, etc) or evil (attacks such as IP address spoofing in hand with denial-of-service).

Overview

Raw sockets are not a programming language-level construct, they are part of the underlying operating system's networking API. Most socket interfaces, especially those based on the Berkeley sockets, support them.

Usually raw sockets receive packets containing the header, as opposed to standard sockets, which receive just the payload with the headers stripped for programmer's convenience. For outgoing packets, whether or not a header is automatically prepended is usually a raw socket's configurable option.

Raw sockets are usually used on the network's transport layer or network layer.

Controversy

When Windows XP was first released in 2001 with raw socket support implemented into the Winsock interface, the media attacked Microsoft saying that raw sockets are only of use to hackers to pull off TCP reset attacks. In the summer before the Windows XP release, security consultant Steve Gibson described in detail why raw sockets in Windows XP were a major security issue. Three years after the Windows XP release, Microsoft silently limited Winsock's raw socket support in a non-removable hotfix and offered no further support or workarounds for applications that used them.[1] They generally work for legitimate uses, that is, when using UDP datagrams crafted to have a source address that matches one on the sending interface.

See also

Retrieved from "https://en.wikipedia.org/w/index.php?title=Raw_socket&oldid=275952993"