RAW network programming under Windows

[billie]

RAW network programming under Windows it's not always possible because
of the security limitations that microsoft introduced in the latest
Windows versions and that affects WinSocket API.
On UNIX systems I'm able to freely send raw packets (for example I'm
able to compile IP packets with a src address defined by me) through
raw socket API, but if I do the same on a Windows system socket module
raises an error.

Now I'm searching for something different from raw socket api, an
extension module able to send arbitrary RAW packets through the
network.
I noticed that WinPcap (http://www.winpcap.org/) has a function to do
that (pcap_sendpacket()) so I started to search a Python wrapping for
WinPcap.
I found:
pcapy: http://oss.coresecurity.com/projects/pcapy.html
pypcap: http://www.monkey.org/~dugsong/pypcap/
....but none of them include a wrap for pcap_sendpacket() function.

Does someone know if exist a *complete* Python wrapping of WinPcap
library?

 

[sturlamolden]

RAW network programming under Windows it's not always possible because
of the security limitations that microsoft introduced in the latest
Windows versions and that affects WinSocket API.
On UNIX systems I'm able to freely send raw packets (for example I'm
able to compile IP packets with a src address defined by me) through
raw socket API, but if I do the same on a Windows system socket module
raises an error.

You can try to install "Windows Services for Unix 3.5" (aka SFU 3.5).
It transforms your Windows into a certified UNIX (not just a Unix
clone). SFU 3.5 has a full BSD socket API (derived from OpenBSD), not
just Winsock. As the POSIX subsystem in SFU 3.5 is not layered on top
of the Win32 subsystem, but talks directly to the NT kernel,
restrictions in Winsock should not affect the BSD sockets in SFU 3.5.
This behaviour is different from e.g. Cygwin, where the "Unix APIs" are
layered on top of the Win32 subsystem.

In any case, I hope you are aware that spoofing IP packets gives you
bad karma.

 

[Richard Charts]

You can try to install "Windows Services for Unix 3.5" (aka SFU 3.5).
It transforms your Windows into a certified UNIX (not just a Unix
clone). SFU 3.5 has a full BSD socket API (derived from OpenBSD), not
just Winsock. As the POSIX subsystem in SFU 3.5 is not layered on top
of the Win32 subsystem, but talks directly to the NT kernel,
restrictions in Winsock should not affect the BSD sockets in SFU 3.5.
This behaviour is different from e.g. Cygwin, where the "Unix APIs" are
layered on top of the Win32 subsystem.

In any case, I hope you are aware that spoofing IP packets gives you
bad karma.

Hey, there are a few uses for spoofing source addresses.
Anyway, I didn't know that SHU replaced ( or added to) the stack.
I'll have to give SFU a try.
Thanks.

 

[billie]

You can try to install "Windows Services for Unix 3.5" (aka SFU 3.5).
It transforms your Windows into a certified UNIX (not just a Unix
clone). SFU 3.5 has a full BSD socket API (derived from OpenBSD), not
just Winsock. As the POSIX subsystem in SFU 3.5 is not layered on top
of the Win32 subsystem, but talks directly to the NT kernel,
restrictions in Winsock should not affect the BSD sockets in SFU 3.5.
This behaviour is different from e.g. Cygwin, where the "Unix APIs" are
layered on top of the Win32 subsystem.

It isn't exactly what I'm searching for but thanks anyway.

In any case, I hope you are aware that spoofing IP packets gives you
bad karma.

No problem about it. I'm just a lover of low-level network programming.
=)