Raw Sockets?

GovernmentSecurity.org > System Security > Windows Systems

nuorder

Oct 20 2004, 02:02 PM

ok this may sound crazy but hear me out
I was looking around to see if i could get raw sockets working under XP SP2
then i decided to use gibsons socketlock tool -sure its not meant for this but i was out of ideas
http://grc.com/files/socketlock.exe
nmap 3.75 has just been released and it works fine under SP2
ive also got 3.55 (unpatched one) and it wont work under SP2 - fair enough

so i open up socketlock and press "install socketlock", then run nmap 3.55 again and it worked. i click "uninstall socketlock" then ran nmap 3.55 again and it didnt work
so i dont know whats going on here as ive only got 1 SP2 test box but as far as i could tell that socketlock tool made old school nmap work.

perhaps its just nmap but if someone would like to post a tool that they know breaks under SP2 its worth a shot i suppose. the fact that nmap works then doesnt work suggests something has changed

this is just an observation and i was wondering if anyone else would care to try this on an SP2 box
NOTE: You need winpcap installed for any of this to work
attached is the older nmap 3.55 for those interested

perky

Oct 20 2004, 06:07 PM

ok,Thanks

tibbar

Oct 20 2004, 07:59 PM

lol perky u trying to get your post count higher? thats a quick way of getting asked to leave GSO

nuorder

Oct 21 2004, 02:13 AM

just an update. i tried this again on another box with SP2 and winpcap 3.0 and got the same effect
can anyone explain this?
also i need to find another tool that is known to break under SP2 because of raw sockets

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.


Help - Search - Member List - Calendar Full Version: Raw Sockets? GovernmentSecurity.org > System Security > Windows Systems nuorder Oct 20 2004, 02:02 PM ok this may sound crazy but hear me out I was looking around to see if i could get raw sockets working under XP SP2 then i decided to use gibsons socketlock tool -sure its not meant for this but i was out of ideas http://grc.com/files/socketlock.exe nmap 3.75 has just been released and it works fine under SP2 ive also got 3.55 (unpatched one) and it wont work under SP2 - fair enough so i open up socketlock and press "install socketlock", then run nmap 3.55 again and it worked. i click "uninstall socketlock" then ran nmap 3.55 again and it didnt work so i dont know whats going on here as ive only got 1 SP2 test box but as far as i could tell that socketlock tool made old school nmap work. perhaps its just nmap but if someone would like to post a tool that they know breaks under SP2 its worth a shot i suppose. the fact that nmap works then doesnt work suggests something has changed this is just an observation and i was wondering if anyone else would care to try this on an SP2 box NOTE: You need winpcap installed for any of this to work attached is the older nmap 3.55 for those interested perky Oct 20 2004, 06:07 PM ok,Thanks tibbar Oct 20 2004, 07:59 PM lol perky u trying to get your post count higher? thats a quick way of getting asked to leave GSO nuorder Oct 21 2004, 02:13 AM just an update. i tried this again on another box with SP2 and winpcap 3.0 and got the same effect can anyone explain this? also i need to find another tool that is known to break under SP2 because of raw sockets This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.