Solved

ICMP packets

Posted on 1998-10-28
13
479 Views
Last Modified: 2010-04-06
Hi,

I'm trying to make application to catch every ICMP
echo request (ping) ,before my kernel(?!?) echo reply on it or even right after that (i need source IPaddr,packet_len) , i've browsed 'icmp.dll' info and didn't understand how to recieve them from this way . i hope someone already found
solution or saw interesting source codes (deplhi,c).

Jecksom
0
Comment
Question by:jecksom
  • 6
  • 5
  • 2
13 Comments
 
LVL 4

Expert Comment

by:dwwang
Comment Utility
Go to this site and you will get exactly what you want, there is a ping implementation in Delphi.

http://www.rtfm.be/fpiette/indexuk.htm
0
 
LVL 1

Author Comment

by:jecksom
Comment Utility
Hi dwwang !

You gave me opposite answer that i asked (i already have ics) and it's only
receiving echo reply after i've post echo request to remote host. I need to
catch icmp packet then anyone pinging me ! O'coz if you'll show source how
to detect incoming ping in this way i'll rise points to 250 :).

Jecksom

PS: bytheway, icmp.pas from ics using 'icmp.dll' ;)

0
 
LVL 1

Author Comment

by:jecksom
Comment Utility
Adjusted points to 230
0
 
LVL 4

Expert Comment

by:dwwang
Comment Utility
Hi, I have a app run under linux/C, named ENDE. It has the ability processing incoming ICMP packets. How ever I wonder if it could help, due to the difference between network implementation in Linux and Win95.

If you think it may help, I can e-mail it to you.

Of course I will ask no points if it does not help.
0
 
LVL 1

Author Comment

by:jecksom
Comment Utility
Hi ,
nope  , i don't think it could help, networking mechanisms too different (i know how to
do this under Linux :) ) .

Thanx you anyway .
Jecksom

PS : don't forget this question . If you'll find something looks like solution, even if it's far
from main point of question.
(Sorry for my bad English)

0
 
LVL 4

Expert Comment

by:dwwang
Comment Utility
Well, how about this site?

http://www.sockets.com/ch16.htm
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 8

Expert Comment

by:ZifNab
Comment Utility
euhm, what does ICMP means?
0
 
LVL 8

Expert Comment

by:ZifNab
Comment Utility
this may come in handy :

"You can only listen on this port if you have the Microsoft network stuff disabled (there can only be one program listening to a socket at one time). If this is the case just create a listening socket on port 139, set it to asynchronous and each time you get data on this check with the ioctlsocket (command SIOCATMARK) if there's any OOB data on this port."

Zif.

0
 
LVL 1

Author Comment

by:jecksom
Comment Utility
Hi Zif !

ICMP - Internet Control Message Protocol, ecupsulating into IP - Internet protocol, utilized
for some different tasks like echo request/reply (ping,traceroute) .

I'm tring to intercept every ping that my box receiving (from different interfaces in NT case).
ICMP doesn't using PORT's as is , so 139 - NBD port not an answer, bcoz it's TCP port
(btw 137,138 NB  UDP ports ).

I guess Dwwang showed my right direction to search , only problem SOCK_RAW , raw
sockets only suppurted from 2.0 versions of winsock.

Thanx ,
        Jecksom.

0
 
LVL 4

Expert Comment

by:dwwang
Comment Utility
Hi, jecksom

Good luck.
0
 
LVL 4

Expert Comment

by:dwwang
Comment Utility
How are things going?
0
 
LVL 4

Accepted Solution

by:
dwwang earned 230 total points
Comment Utility
Hi, I finally find this site, talking about and showing full source code(C++) for programming RAW Socket. Hope this could be an answer. :)

http://www.cyberport.com/~tangent/programming/winsock/
0
 
LVL 1

Author Comment

by:jecksom
Comment Utility
Hi dwwang!

So answer is : no , you can't do this , unless you'll write NDIS driver .
I accept , this answer, since it's correct , there no chance to do this using Delphi only.

Thanx ,
Jecksom

PS : the only question when Inprise would supply us with VXD coding stuff (at least TASM32
include files) :(
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Suggested Solutions

A lot of questions regard threads in Delphi.   One of the more specific questions is how to show progress of the thread.   Updating a progressbar from inside a thread is a mistake. A solution to this would be to send a synchronized message to the…
This article explains how to create forms/units independent of other forms/units object names in a delphi project. Have you ever created a form for user input in a Delphi project and then had the need to have that same form in a other Delphi proj…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now