Question

How can you perform a TCP traceroute in C#? Is it even possible?


Solution

You will need raw Ethernet frames to generate TCP packets by hand, as Windows won't let you send TCP packets over raw sockets.

See how nmap gets raw Ethernet frames. Repeat it.

OTHER TIPS

It's not true that you need to craft around with packets if you want to do a traceroute in C#. A traceroute consists of a lot of pings with TTLs from 1 to n, and this can be achieved with the Ping class of the .NET Framework.

Here is some old code of mine, it's not pretty but it should work:

    using System.Collections.Generic;
    using System.Net;
    using System.Net.NetworkInformation;

    /// <summary>
    /// Performs a pathping
    /// </summary>
    /// <param name="ipaTarget">The target</param>
    /// <param name="iHopcount">The maximum hopcount</param>
    /// <param name="iTimeout">The timeout for each ping</param>
    /// <returns>An array of PingReplys for the whole path</returns>
    public PingReply[] PerformPathping(IPAddress ipaTarget, int iHopcount, int iTimeout)
    {
        List<PingReply> lstPingReply = new List<PingReply>();
        using (Ping myPing = new Ping())
        {
            // Probe with TTL 1..iHopcount (inclusive, so the maximum hop count is honoured).
            for (int iC1 = 1; iC1 <= iHopcount; iC1++)
            {
                // The hop where the TTL runs out answers with IPStatus.TtlExpired.
                PingReply prResult = myPing.Send(ipaTarget, iTimeout, new byte[10], new PingOptions(iC1, false));
                lstPingReply.Add(prResult);
                if (prResult.Status == IPStatus.Success)
                {
                    break; // the target itself replied, the path is complete
                }
            }
        }
        return lstPingReply.ToArray();
    }

From MSFT: http://msdn.microsoft.com/en-us/library/ms740548(VS.85).aspx

On Windows 7, Windows Server 2008 R2, Windows Vista, and Windows XP with Service Pack 2 (SP2), the ability to send traffic over raw sockets has been restricted in several ways:

  • TCP data cannot be sent over raw sockets.
  • UDP datagrams with an invalid source address cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped. This change was made to limit the ability of malicious code to create distributed denial-of-service attacks and limits the ability to send spoofed packets (TCP/IP packets with a forged source IP address).
  • A call to the bind function with a raw socket is not allowed.

These above restrictions do not apply to Windows Server 2008, Windows Server 2003, or to versions of the operating system earlier than Windows XP with SP2.
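However the SYN probes are put on the wire, a TCP traceroute learns each hop from the ICMP Time Exceeded error a router sends back, which quotes the probe's IP header and its first 8 TCP bytes (RFC 792). The following is an added example, not code from any of the answers above: a hypothetical `TimeExceededParser` that extracts the quoted destination, ports and sequence number so that only replies matching an outstanding probe are accepted; the sample bytes are constructed, and the buffer is assumed to start at the ICMP header.

```csharp
using System;
using System.Net;

// Added example (hypothetical helper, not from the original answers).
public static class TimeExceededParser
{
    public sealed class QuotedProbe
    {
        public IPAddress Destination;
        public ushort SourcePort, DestinationPort;
        public uint Sequence;
    }

    // icmp must start at the ICMP header (outer IP header already stripped).
    // Returns null unless it is a TTL-exceeded error quoting an IPv4 TCP segment.
    // The ICMP checksum is not verified here.
    public static QuotedProbe Parse(byte[] icmp)
    {
        if (icmp == null || icmp.Length < 8 + 20 + 8) return null; // ICMP hdr + min IP hdr + 8 bytes
        if (icmp[0] != 11 || icmp[1] != 0) return null;            // type 11, code 0: TTL exceeded in transit
        const int ip = 8;                                          // quoted IP header follows the ICMP header
        if ((icmp[ip] >> 4) != 4) return null;                     // IPv4 only
        int ihl = (icmp[ip] & 0x0F) * 4;                           // IP options can lengthen the header
        if (ihl < 20 || icmp.Length < ip + ihl + 8) return null;
        if (icmp[ip + 9] != 6) return null;                        // protocol 6 = TCP
        int tcp = ip + ihl;
        byte[] dst = new byte[4];
        Array.Copy(icmp, ip + 16, dst, 0, 4);
        return new QuotedProbe
        {
            Destination = new IPAddress(dst),
            SourcePort = (ushort)((icmp[tcp] << 8) | icmp[tcp + 1]),
            DestinationPort = (ushort)((icmp[tcp + 2] << 8) | icmp[tcp + 3]),
            Sequence = ((uint)icmp[tcp + 4] << 24) | ((uint)icmp[tcp + 5] << 16)
                     | ((uint)icmp[tcp + 6] << 8) | (uint)icmp[tcp + 7]
        };
    }

    public static void Main()
    {
        byte[] sample = { // constructed: quotes a SYN 198.51.100.7:50001 -> 192.0.2.10:443, seq 1
            0x0B, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
            0x45, 0x00, 0x00, 0x28, 0x12, 0x34, 0x40, 0x00, 0x01, 0x06, 0x00, 0x00,
            0xC6, 0x33, 0x64, 0x07, 0xC0, 0x00, 0x02, 0x0A,
            0xC3, 0x51, 0x01, 0xBB, 0x00, 0x00, 0x00, 0x01 };
        QuotedProbe p = Parse(sample);
        Console.WriteLine("{0}:{1} from port {2}, seq {3}", p.Destination, p.DestinationPort, p.SourcePort, p.Sequence);
    }
}
```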

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow