Raw Sockets and Root Administration

I've been reading the DOS articles on grc.com. Quite a cool website with lots of interesting information.
I was wondering if there is a way to remove raw socket support from the kernel. I assume that that must be where that support is implemented, and I'm wondering if a way to prevent ip spoofing and other abusive techniques has been developed. The articles on grc.com are unclear as to whether the raw sockets support is required for ICMP, but it seems as though it is required. Basically, is there a way to prevent ip spoofing in the linux kernel?
Also, it is mentioned that *nix tries to minimize abuse of the raw sockets system by only allowing the root user to make use of it. How would one go about setting up another user to administrate the system? The default way would seem to be setting up sudo access, but then you're basically giving that user root privileges for everything, which really doesn't seem to solve this problem to me.
My understanding of this is somewhat limited, but I like to think that I comprehended the information about all this. If I have something wrong, tell me, I'm not one of those idiots that refuses to be told he is wrong.
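
On Linux the kernel's raw-socket permission check is the CAP_NET_RAW capability rather than UID 0 as such, so the delegation asked about above can be narrower than full sudo. As an added example (not part of the original post), this C audit helper reads the effective capability mask from /proc/<pid>/status text and reports whether a process holds no raw-socket right, only CAP_NET_RAW, or more. The status excerpts and the function names are constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CAP_NET_RAW_BIT 13   /* value of CAP_NET_RAW in <linux/capability.h> */

enum raw_grant { RAW_NONE, RAW_ONLY, RAW_AND_MORE };

/* Constructed excerpts of /proc/<pid>/status for three kinds of process. */
static const char *STATUS_USER  = "Name:\tmytool\nUid:\t1000\t1000\t1000\t1000\nCapEff:\t0000000000000000\n";
static const char *STATUS_NETOP = "Name:\tmytool\nUid:\t1001\t1001\t1001\t1001\nCapEff:\t0000000000002000\n";
static const char *STATUS_ROOT  = "Name:\tmytool\nUid:\t0\t0\t0\t0\nCapEff:\t000001ffffffffff\n";

/* Find "<field>:" at the start of a line and parse its hexadecimal mask.
   Returns 0 on success, -1 when the field is missing or has no hex value. */
int cap_mask(const char *status, const char *field, unsigned long long *mask)
{
    size_t flen = strlen(field);
    const char *line = status;
    while (line && *line) {
        if (strncmp(line, field, flen) == 0 && line[flen] == ':') {
            const char *val = line + flen + 1;
            while (*val == ' ' || *val == '\t')
                val++;
            /* Refuse an empty value so the next line is never parsed by mistake. */
            if (!isxdigit((unsigned char)*val))
                return -1;
            *mask = strtoull(val, NULL, 16);
            return 0;
        }
        line = strchr(line, '\n');
        if (line)
            line++;
    }
    return -1;
}

/* Classify the effective set: may this process open a raw socket, and is
   that the only capability it was given? Returns -1 if CapEff is absent. */
int classify_raw_grant(const char *status)
{
    unsigned long long eff, raw = 1ULL << CAP_NET_RAW_BIT;
    if (cap_mask(status, "CapEff", &eff) != 0)
        return -1;
    if (!(eff & raw))
        return RAW_NONE;
    return eff == raw ? RAW_ONLY : RAW_AND_MORE;
}

int main(void)
{
    /* Audit the current process on Linux; use a constructed sample elsewhere. */
    static const char *names[] = { "none", "CAP_NET_RAW only",
                                   "CAP_NET_RAW plus other capabilities" };
    char buf[4096] = "";
    int have_proc = 0;
    FILE *f = fopen("/proc/self/status", "r");
    if (f) {
        size_t n = fread(buf, 1, sizeof buf - 1, f);
        buf[n] = '\0';
        fclose(f);
        have_proc = 1;
    }
    int g = classify_raw_grant(have_proc ? buf : STATUS_NETOP);
    printf("raw socket grant: %s\n", g < 0 ? "unknown" : names[g]);
    return 0;
}
```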

Could you please clarify for me whether you could finally execute your program or not?
I am also facing the same kind of problem.
I have a raw socket user-level SCTP implementation which I am trying to run on Solaris 10. But when I run the user-level SCTP program, it always gives "Cann't assign Address", i.e. ERRNO: 126.
Any clue from everybody...

Similar Messages

  • 4727550 Advanced & Raw Socket Support (ICMP, ICMPv6, ping, traceroute, ...)

    Hi All,
    4727550 was a long standing RFE. Before we take any action, I'd like to ask you guys what the requirements are. E.g., do you plan to use raw socket in what kind of application? What features do you want the most? Which platform do you plan to use? etc.
    Feel free to add your comments here.
    Thanks,
    Edward

    sjasja wrote:
    It's sad to realize at different occasions, that Java
    is just not usable for this type of application, e.g.
    writing a firewall...
    Sure it is! You just need some glue between operating system specific APIs and Java.
    This is not really a language issue. It's an issue of what language APIs a given OS supports out of the box. Want to write a firewall using C and deploy it on a LISP machine? Be prepared to write some C/LISP glue, just like you'd write Java/C glue to access APIs written in a C-based OS.
    C is so widespread, and so many OSes offer C APIs that C seems "universal". But that's just an illusion. The OSes that happen to be most popular at this time in history happen to provide C APIs to most of their functionality (even then you may occasionally need C/assembly glue for some things).
    More and more APIs, such as low level TCP access, will eventually migrate to Java. But there is no "universal" language, magically able to access any API written in any other language.
    I think you are missing the point. In order to write a firewall in Java, you have to have raw socket support - IE: be able to specify the data going over the transport. Java currently supports TCP and UDP, but does not support any others (IPX, ICMP, etc).
    The reason these things are not available at the Java layer is because the underlying C code in the JVM is specifying the constants to pass to the socket library at the C level rather than letting the Java layer pass those parameters down. You can currently do it yourself by doing a bootstrap replacement for the JVM classes, or using a 3rd party library -- but you shouldn't need to. The underlying library should be rewritten as raw socket, and allow the existing libraries to be built as pure-java implementations on top of it.
    The reason that raw sockets were not around to begin with was that everyone was afraid it was a security risk. It is unfortunate that in order to protect us, they keep us from writing security software.
    As a side note, I think these two comments on the bug ( http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4727550 ) are interesting:
    4093850 "ICMP protocol support a.k.a. PING applets" was a long
    standing RFE seeking ICMP/raw sockets support. It attracted approximately
    250 votes on the JDC. It became clear from the feedback to the RFE
    that there were broadly two requirements :-
    In about one month (from 2006-08-23 to 2006-09-20), we don't see enough input in the SDN forum thread for this RFE. Seems there's no enough interest for it.
    If it "became clear" that people wanted this functionality, why post a brand new link somewhere and monitor it for one month to determine if anyone wanted the functionality. I didn't even know about this link until a friend mentioned that the bug had been updated.
    So, enough of a rant. I think that if we could write a full-fledged software firewall in Java without using a 3rd party library or JNI, then we'd be on the right track for requirements.

  • Raw Socket always drop packets and return Destination Unreachable

    Hi folks,
    I have an application program that opens a raw socket to expect UDP messages incoming from the network.
    However, every time I receive a package the Solaris 10 OS returns an ICMP - Destination (port) unreachable, and no message
    is sent to my application.
    I did test the same application in Linux and it worked well; all that I had to do was disable ICMP responses using iptables.
    Just to make things clear:
    In Linux the OS was sending the ICMP - Destination (port) unreachable, however my program was
    receiving the packets anyway. So just to stop those messages I did use iptables. However, in
    Solaris 10 the ICMP response is sent back and no message is forwarded to my application.
    Would you guys help me to solve that?
    Thanks in advance

    Folks, here I go again... :-)
    I have spent some time trying to figure out why it does not work. I read in books and on the internet that BSD raw sockets DO NOT allow us to receive TCP/UDP packages. However, the Linux implementation DOES allow it. That is why it works in Linux but not in Solaris.
    Given that such information is 100% true (book: Unix Network Programming, 3rd edition), I would like to ask you guys what I can do to solve my problem.
    Basically what I need is to create an application that:
    1) Allows binding thousands of sockets at the same time (it is a media server that handles thousands of RTP connections)
    This I believe I can do using socket multiplexing (e.g. select() )
    2) Reads not only the packet data; I need to retrieve the whole packet address (including IP, UDP, Upper Layers...)
    When using SOCK_DGRAM with IPPROTO_UDP, I can get the messages but I can't get the IP header
    3) Uses something like a raw socket to send messages; here I believe I can use a raw socket with no problem, it is just sending messages
    Thanks and Regards

  • Java sockets and raw sockets

    Hello!
    I have made my own file sharing program with Java sockets
    and I have read a little bit about raw sockets also.
    What are the differences between Java sockets and raw sockets?

    Raw sockets can have packet types which Java does not.
    Generally if you need something useful which Java cannot do there is a utility already written which does what you want, e.g. ping and you can call that.

  • Raw Socket: Protocol Not Supported

    OS Solaris 10, using Zones
    I have one zone set up which houses HP Openview NNM 7.5
    Inside of the application you should be able to right click on a node and do a traceroute or telnet to the node.
    Neither works. Get error:
    raw socket: Protocol not supported
    Can anyone tell me if this is an OS issue or HP Openview issue?
    Any assistance will be greatly appreciated!!!

    This is known issue in zone. Please see http://developers.sun.com/solaris/articles/application_in_zone.html about socket function.
    But if you really need traceroute in nnm, you can use /usr/sbin/traceroute.
    Here's how:
    manager@ov:~$ diff /root/old-NNM-IP.tbl $OV_REGISTRATION/C/ovip/NNM-IP.tbl
    473c473
    <          -cmd ovtraceroute ";
              -cmd traceroute ";
    You can always add something like "xterm -e telnet" instead of "not working" menu item in registration file. Please see "Creating and Using Registration Files" guide on http://docs.hp.com.
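    Review bot: the replacement entry at line 473 calls "traceroute" by bare name, while the text above the diff recommends /usr/sbin/traceroute. Writing the absolute path in the -cmd entry would keep the menu item from depending on the PATH of whatever process launches it.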
    nice nnm-ing :)
    Message was edited by:
    Porky@Pig

  • Opening a RAW socket - how to become superuser to do so ?

    Hi, I'm writing my first test application, so I thought I'd convert an easy known quantity like ping. My problem here seems to be that to open a RAW socket I need to have a UID of 0, and I haven't got that or can I set it. So how is it done ? My various printf's to the console show me -
    [Session started at 2008-09-20 00:17:47 +0100.]
    Running pingmain
    Running as UID 501
    Running as EUID 501
    Have set UID to 0, result code: -1
    Have set EUID to 0, result code: -1
    PING (null) (192.168.1.100): 56 data bytes
    socket error: Operation not permitted
    Failed to launch simulated application: Unknown error.
    501 also happens to be the UID I'm assigned on my iMac. Is it simply the case of su'ing to root and then starting xcode.. doesn't seem to be the right thing to do somehow.
    Can anyone give me any hints onto what I should be doing here ?

    Doing this the right way is a very messy process:
    http://developer.apple.com/documentation/Security/Reference/authorizationref/Reference/reference.html#//appleref/c/func/AuthorizationExecuteWithPrivileges
    or
    http://developer.apple.com/samplecode/BetterAuthorizationSample/listing6.html

  • Raw Socket in Java

    Hello everybody. For 2 years I have been looking for the Java RAWSOCKET class, and I read that it was possible.... Up to now I have not read anything about this... So, when could I find the Java RawSocket? Many thanx...
    Ivano

    I'm talking to Java developers....but they didn't answer
    me! I need a response... I wanna know why there is not
    a Java Raw Socket Class....or a Java ICMP Socket (NOT
    NATIVE, NOT IN C, NOT JNI, OK?).
    First of all the socket classes that already exist in java already DO use JNI. You just don't see it.
    I know that icmp
    socket require root privilege, but, for example, in
    PDA or cellular phone (J2ME) it doesn't need about
    root privilege to "make ping" (Icmp echo).
    Will they answer me ? Hoping.....
    If you give Sun a lot of money then they will be happy to add almost anything you want to java.
    But if not then Sun is going to add what they feel is important.

  • Raw Socket Access

    I need to negotiate password hashes for Authentication: NTLM (opposed to BASIC) but this requires sending a message back to the client and receiving the hashes without closing the socket. There's a nice diagram of this handshake here:
    http://www.innovation.ch/java/ntlm.html
    Is there any way to basically bypass all HTTP connection control and get access to the raw socket so I can do this handshake?
    I have all the code worked into the new jcifs.http package but it doesn't work because sending back 401 Unauthorized implicitly closes the connection.
    Any ideas would be greatly appreciated,
    Mike

    I need to negotiate password hashes for Authentication: NTLM (opposed to BASIC) but this requires sending a message back to the client and receiving the hashes without closing the socket.
    This problem was indeed solved. The jCIFS jcifs.http package now has an NtlmHttpFilter, NtlmSsp class for creating custom MSIE HTTP Authentication modules, and a NetworkExplorer Servlet for browsing the WAN with your transparently negotiated credentials.
    http://jcifs.samba.org/

  • I did re-set my password and when I click on Install for Mavericks, I still get a box for "administrator password" and it still won't accept my new password. Is there a difference between my Apple ID and the administrator password they're asking for?

    I downloaded Mavericks and it won't install. I did re-set my password and when I click on Install for Mavericks, I still get a box for "administrator password" and it still won't accept my new password. Is there a difference between my Apple ID and the administrator password they're asking for? I never had an administrator password-- I just hit enter and have never had a problem before with previous installations. I'm on an iMac, from 2007, running Mt. Lion (version 10.8.5). I've been looking for other's posts who may be having the same problem, but haven't found any. Can anyone help?

    Ugh. The 'no password, no work' thing is a recent Apple development. I ran into it on my system and ended up having to do a clean install on a partition I fully erased.
    I suppose, if you have the ability to, go online and look up how to burn a bootable DVD image. Download the 10.8.4 image then use the Disk Utility to make a boot image of it. You'll need a dual-layer DVD or a USB drive (or memory stick at least 8GB) If you've got an optical drive, burn the disk, if you've a USB device, use that.
    Then get a pocket drive and copy your important files off the system or let Time Machine do a full backup.
    When the backup is done, insert the disk and hold down the C key until the machine boots off of the DVD. At the point you get to the start window, go to the menu and choose the Disk Utility.
    In the Disk Utility, reformat the drive. You go to the actual DRIVE (not the Macintosh HD, but the root above it that is the actual hard drive device)
    I always do this and *partition* it into several volumes, the benefit being, you can store all of your music, documents and important stuff on that secondary storage volume you make - it will have its own index and then the first volume is where you put the OS and it will have its own index as well. That way, if the OS throws a wobbler and you need to reinstall, you don't lose your data.
    Depending on the size of your hard drive, it is good to give your OS partition at least 60GB and optimally 100GB, and the rest for storage.
    Name your volumes, use the little box sliders to manually size them or put that number in the size window, select for the format, Mac OS Extended (Journaled) and hit Apply and then the Disk Utility will quickly create your new partitions.
    Once finished, quit the Utility and it will return you to the OS installer. Select the volume you want to install to and it should start up and install.
    Once the installation is done, you'll get the new machine startup then you MUST put in a password for the computer. Once you're in, and to the desktop, don't bother with any Mountain Lion updates, go right to the App Store and get the Mavericks update and let it install the app to your Applications folder, then do that install.
    On a side note, there MAY be a way to make a disk image from the Mavericks application and avoid the entire Mountain Lion step.. I honestly do not know, but a bit of hitting the search engines may find out if there is. I think that if you looked for "make Mavericks boot disk or boot image" you may find something.
    Good luck!

  • Why does not java support raw sockets?

    Java does not have support for raw sockets, that means it cannot receive the packet header, just the payload data.
    But the header data of an ICMP packet consists of 20 bytes, and you can still write single bytes in Java, so why isn't it possible to write a header for an ICMP packet in Java?
    Can someone explain how it all works?
    Thanks!

    You can do raw sockets with third party libraries. They won't be pure java - but you didn't really expect to do raw sockets on your cell phone or TV set top box, or spy and spoof someone's network using an applet.
    The FAQ for one such library hints what kind of a mess raw sockets are due to differences in common operating systems; see http://www.savarese.com/software/rocksaw/

  • Raw sockets

    hi
    i have 2 questions;
    first:
    i want to design a network monitoring and packet capturing tool for my school project
    i read the related topics but i have still doubts,
    if i should use whether java or c . i dont know which one is better for such a tool.
    and second:
    do c and/or java raw sockets work under xp home edition
    thanks...

    You can in either, I'd suggest you just pick which language you are more comfortable in.
    In Java you can use the JPCAP libraries to monitor traffic

  • Raw sockets with IP headers in mac osx

    I am trying to send IP packets through a raw socket (SOCK_RAW) on my mac (osx 10.6), and always get an "Invalid Argument" error. I have tried with IPPROTO_RAW, IPPROTO_UDP, and IPPROTO_DIVERT (which should also send raw packets). When using _RAW or _UDP, I also set the socket option for including ip headers with setsockopt(.., IP_HDRINCL, ..). Has anyone successfully sent IP packets with a raw socket on a mac that includes IP headers? Any example code I can use as a reference? Thanks!

    Well, in case anyone ever has the same issue, the only way I was able to inject packets back with my own IP headers was by writing to a bpf socket, which is not the prettiest way, but works. I am still interested in seeing IP_HDRINCL work on a raw socket, so if anyone has an example that works, please post!

  • Changing the root administrator

    I have a used iMac mid 2007 20" that I have cleaned up and I plan to give it to another person for his kids. I have it up and running in version 10.6.8.
    I need to change the root administrator to the new person. How do I do it??
    I have replacement Original Install discs from apple.

    You have two options;
    Create a new user account for the recipient. Give it admin status. Log into the new account then delete the old one.
    Do the following: Prepare Your Mac for Sale
    Boot from the OS X Installer Disc One that came with the computer.  After the installer loads select your language and click on the Continue button.  When the menu bar appears select Disk Utility from the Utilities menu.  After DU loads select the startup volume from the left side list then click on the Erase tab.  Set the format type to Mac OS Extended (Journaled) then click on the Options button.  Select the one pass Zero Data option and click on the OK button.  Then click on the Erase button.
    Note: You can skip the Zero Data option if you are not concerned about removing sensitive personal data from the hard drive.  If you choose to skip this part of the process then it is possible for others to recover data from the hard drive.  The Zero Data procedure will prevent others from getting access to your personal information.
    This process will take 30 minutes to several hours depending upon the size of the hard drive.  After formatting has completed quit DU and return to the installer.  Now complete the OS X installation.  At the completion of the installation do not restart the computer.  Instead just shut it off.  The next user will be presented with the Setup Assistant when they turn on the computer just as it would if new out of the box.

  • Raw Sockets in Java

    Hi
    Is it possible to create raw socket like in C. In C, I am able to create a structure like below
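    struct ipheader {
        unsigned char ip_hl:4, ip_v:4;  /* header length (32-bit words) and version; this bit-field order assumes a little-endian layout */
        unsigned char ip_tos;           /* type of service */
        unsigned short int ip_len;      /* total length */
        unsigned short int ip_id;       /* identification */
        unsigned short int ip_off;      /* flags and fragment offset */
        unsigned char ip_ttl;           /* time to live */
        unsigned char ip_p;             /* protocol */
        unsigned short int ip_sum;      /* header checksum */
        unsigned int ip_src;            /* source address */
        unsigned int ip_dst;            /* destination address */
    };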
    And then declaring a pointer to this structure enables me to create my own IP header. Adding up Ethernet, TCP and IP headers creates a data packet.
    I wonder whether it is possible to create a packet like this in Java or not?
    Thanks...

    Well, it is possible to create a structure like that. Sending it to the net will require OS-dependent JNI, though. And possibly special security permissions, depending on your OS.
    What are you really trying to do?
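
The struct ipheader fields quoted in this thread, and the earlier media-server post that wanted the IP and UDP headers as well as the payload, both come down to reading those fields safely out of a received buffer. As an added example (not code from any of the posters), this C parser validates and decodes one IPv4/UDP datagram byte by byte instead of overlaying a bit-field struct. The sample packet and all names are constructed for illustration, and ip_len is assumed to be in wire byte order.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Fields pulled out of one IPv4/UDP datagram (struct and names are this example's own). */
struct udp_info {
    uint32_t src, dst;       /* ip_src / ip_dst, host byte order */
    uint16_t sport, dport;   /* UDP ports, host byte order */
    size_t payload_off;      /* offset of the UDP payload inside the buffer */
    size_t payload_len;
};

/* Constructed sample: 192.168.1.100:40000 -> 192.168.1.1:5004, 4 payload bytes. */
static const uint8_t sample_pkt[32] = {
    0x45, 0x00, 0x00, 0x20, 0x1c, 0x46, 0x40, 0x00, 0x40, 0x11, 0x9a, 0xd1,
    0xc0, 0xa8, 0x01, 0x64, 0xc0, 0xa8, 0x01, 0x01,   /* IPv4 header, 20 bytes */
    0x9c, 0x40, 0x13, 0x8c, 0x00, 0x0c, 0x00, 0x00,   /* UDP header, checksum unset */
    'd', 'a', 't', 'a'
};

/* Read big-endian fields byte by byte: no alignment or bit-field layout assumptions. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) { return ((uint32_t)rd16(p) << 16) | rd16(p + 2); }

/* RFC 1071: the one's-complement sum over a valid header, checksum included, is 0xffff. */
static int ip_checksum_ok(const uint8_t *hdr, size_t hlen)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < hlen; i += 2)
        sum += rd16(hdr + i);
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return sum == 0xffff;
}

/* Returns 0 on success, or a negative code naming the check that failed. */
int parse_ipv4_udp(const uint8_t *buf, size_t len, struct udp_info *out)
{
    if (len < 20) return -1;                      /* shorter than a minimal IP header */
    if ((buf[0] >> 4) != 4) return -2;            /* ip_v */
    size_t ihl = (size_t)(buf[0] & 0x0f) * 4;     /* ip_hl counts 32-bit words */
    if (ihl < 20 || ihl > len) return -3;
    size_t total = rd16(buf + 2);                 /* ip_len */
    if (total < ihl + 8 || total > len) return -4;
    if (!ip_checksum_ok(buf, ihl)) return -5;     /* ip_sum */
    if (buf[9] != 17) return -6;                  /* ip_p: 17 is UDP */
    if (rd16(buf + 6) & 0x3fff) return -7;        /* ip_off: MF set or offset != 0 */
    const uint8_t *udp = buf + ihl;
    size_t ulen = rd16(udp + 4);                  /* UDP length = header + payload */
    if (ulen < 8 || ulen > total - ihl) return -8;
    out->src = rd32(buf + 12);
    out->dst = rd32(buf + 16);
    out->sport = rd16(udp);
    out->dport = rd16(udp + 2);
    out->payload_off = ihl + 8;
    out->payload_len = ulen - 8;
    return 0;
}

int main(void)
{
    struct udp_info u;
    int rc = parse_ipv4_udp(sample_pkt, sizeof sample_pkt, &u);
    if (rc != 0) { printf("rejected: %d\n", rc); return 1; }
    printf("%08x:%u -> %08x:%u, %zu payload bytes\n", (unsigned)u.src,
           (unsigned)u.sport, (unsigned)u.dst, (unsigned)u.dport, u.payload_len);
    return 0;
}
```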

  • Making choice between socket and RMI

    I have never used RMI, but I am familiar with socket programming. I want to write an online game. I know that using RMI will be easier than using sockets; could anyone tell me what factors will affect the choice between using sockets and RMI, without considering which one I am familiar with?
    thanks
    jacky

    I would consider the amount of traffic your online game is going to be generating. Obviously, if the traffic is the bottleneck, you will want to optimize it as much as possible.
    I can see that if you are familiar with sockets and socket programming, where this is very appealing because after all, you can't get much faster than raw sockets. Also, the Java APIs around sockets are much easier than the equivalent BSD Socket C/C++ libraries.
    Still, RMI has much more to offer.
    o It is relatively easy to set up a connection
    o exceptions will be thrown when problems occur
    o serializing classes is so easy it's laughable
    o If performance becomes an issue, you can (as the previous poster suggests) create your own custom socket factory which optimizes the used bandwidth. Options here include compression if you have the CPU cycles to spare.
    o There are mechanisms in place for working RMI over firewalls
    Many of the things that RMI offers, you might find yourself re-writing in your own socket-based API. Personally, I would choose RMI.
