LinuxQuestions.org
Old 09-11-2003, 04:51 AM   #1
valib4u
LQ Newbie
 
Registered: Sep 2003
Location: NIT, Warangal
Posts: 10

Rep: Reputation: 0
Question want help in socket programming


Dear friends,

I'm doing an Intrusion Detection Systems (IDS) project in my university here in India. As we all know, intrusion detection needs to sniff all the packets on the network. But here I want to add some preventive measures which need capturing and handling packets just like a firewall.

I'm stuck in this situation. I don't know how a firewall catches and handles packets. I read many articles; all are saying how to configure the existing firewall in Linux (I'm using Red Hat 9.0). But I want the basic programming concepts behind this.

If anybody knows it, please help me.

Thanking you
Vali
 
Old 09-11-2003, 07:33 AM   #2
nullpt
Member
 
Registered: Jul 2003
Distribution: Red Hat
Posts: 94

Rep: Reputation: 15
To sniff packets in your network, you should use a packet filter or an app that uses a packet filter, like tcpdump.
tcpdump is a powerful tool, try to use it.

Now, about your project you'll need to treat the information that you gather with the filter. Good luck with it.
 
Old 09-12-2003, 12:17 AM   #3
valib4u
LQ Newbie
 
Registered: Sep 2003
Location: NIT, Warangal
Posts: 10

Original Poster
Rep: Reputation: 0
Thank you very much.

But I think tcpdump only gets a copy of the actual packets.
Can't we get the packet directly from the Ethernet card?

Actually, what I want is .....

getting the packet directly from the Ethernet card, and these packets will be analysed by my program, and then my program will forward the packets as usual.

I just want to change the actual flow of packets at the system level, like what is happening in the firewall...

I think you got me.

I know it is actually not a part of an Intrusion Detection System (IDS), but I want to add this functionality to it.
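
Added example, not part of the thread: the analysis step described in post #3, written in C. `inspect_frame` takes one raw Ethernet frame and returns an accept/drop verdict; a passive sniffer such as tcpdump could only log that verdict, whereas a program sitting in the packet path would enforce it by not forwarding the frame. The blocked port (23), the function names and the sample frames are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum verdict { VERDICT_ACCEPT, VERDICT_DROP };
#define BLOCKED_TCP_PORT 23 /* assumed policy for illustration: drop telnet */

/* Read a 16-bit network-order field byte by byte (no alignment assumptions). */
static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Decide what an inline filter would do with one raw Ethernet frame.
 * Malformed or truncated IPv4/TCP headers are dropped, never parsed further. */
enum verdict inspect_frame(const uint8_t *frame, size_t len)
{
    if (len < 14) return VERDICT_DROP;                      /* short Ethernet header */
    if (be16(frame + 12) != 0x0800) return VERDICT_ACCEPT;  /* not IPv4: pass through */
    const uint8_t *ip = frame + 14;
    size_t ip_len = len - 14;
    if (ip_len < 20 || (ip[0] >> 4) != 4) return VERDICT_DROP;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;                /* IP header length, bytes */
    if (ihl < 20 || ihl > ip_len) return VERDICT_DROP;
    if (ip[9] != 6) return VERDICT_ACCEPT;                  /* protocol 6 = TCP */
    if (be16(ip + 6) & 0x1fff) return VERDICT_ACCEPT;       /* later fragment: no TCP header */
    if (ip_len - ihl < 20) return VERDICT_DROP;             /* truncated TCP header */
    return be16(ip + ihl + 2) == BLOCKED_TCP_PORT ? VERDICT_DROP : VERDICT_ACCEPT;
}

/* Build a constructed 54-byte Ethernet/IPv4/TCP frame (sample input only). */
size_t make_tcp_frame(uint8_t buf[54], uint16_t dport)
{
    for (size_t i = 0; i < 54; i++) buf[i] = 0;
    buf[12] = 0x08; buf[13] = 0x00;          /* EtherType: IPv4 */
    buf[14] = 0x45;                          /* version 4, IHL 5 (20 bytes) */
    buf[17] = 40;                            /* total length: 20 IP + 20 TCP */
    buf[22] = 64; buf[23] = 6;               /* TTL, protocol TCP */
    buf[36] = (uint8_t)(dport >> 8); buf[37] = (uint8_t)dport; /* TCP dest port */
    buf[46] = 0x50;                          /* TCP data offset 5 */
    return 54;
}

int main(void)
{
    uint8_t f[54];
    size_t n = make_tcp_frame(f, 23);
    printf("port 23: %s\n", inspect_frame(f, n) == VERDICT_DROP ? "DROP" : "ACCEPT");
    n = make_tcp_frame(f, 80);
    printf("port 80: %s\n", inspect_frame(f, n) == VERDICT_DROP ? "DROP" : "ACCEPT");
    return 0;
}
```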
 
  

