Title: TCP/IP kernel stack bypassing
Post by: ZeroOne on November 04, 2012, 09:14:02 PM
I am trying to write a port scanner using JPCAP library in Java, the thing is and before I go deeper into coding. I wanted to do some research on how can a programmer handle the packet instead of the tcp/ip stack on kernel. I mean I can just write the program without knowing what is happening at the back end which is not satisfying for me. I am a little confused about this topic. As far as I know is that kernel is responsible for building, sending and receiving a packet, but a programmer can bypass the kernel packet's handling and take control of sending/modifying packets.
So for instance when I write a program that can access the IP layer, with the ability of building up the packet + modifying it and what not. This just means that my program did bypass the kernel.. how does that happen?
Can someone guide me or mention a good recourse on this.
Note: I know how to write a program that can craft a packet I just need to do some researches on what happens at the back-end.
FYI: JPCAP is a library based on libpcap/winpcap
Title: Re: TCP/IP kernel stack bypassing
Post by: ajohnson on November 04, 2012, 09:49:21 PM
It sounds like you're just looking for general direction, so I'd recommend that you start by researching the difference between raw sockets and standard sockets.