Raw socket

From Wikipedia, the free encyclopedia
Jump to: navigation, search

In computer networking, a raw socket is an internet socket that allows direct sending and receiving of Internet Protocol packets without any protocol-specific transport layer formatting.


In standard sockets, the payload to be transmitted is encapsulated according to the chosen transport layer protocol (e.g. TCP, UDP). In contrast, raw sockets usually receive raw packets including the header. When transmitting packets, the automatic addition of a header may be a configurable option of the socket.

Raw sockets are used in security related applications like nmap. One possible use case for raw sockets is the implementation of new transport-layer protocols in user space.[1] Raw sockets are typically available in network equipment, and used for routing protocols such as the Internet Group Management Protocol (IGMPv4) and Open Shortest Path First (OSPF), and in the Internet Control Message Protocol (ICMP, best known for the ping suboperation) for example, sends ICMP echo requests and receives ICMP echo replies.[2]


Most socket application programming interfaces (APIs), for example those based on Berkeley sockets, support raw sockets. Windows XP was released in 2001 with raw socket support implemented in the Winsock interface, but three years later, Microsoft limited Winsock's raw socket support because of security concerns.[3]

See also[edit]


  1. ^ "raw(7): IPv4 raw sockets - Linux man page". die.net. 
  2. ^ "Raw IP Networking FAQ". faqs.org. 
  3. ^ Ian Griffiths for IanG on Tap. 12 August, 2004. Raw Sockets Gone in XP SP2

External links[edit]