Network protocol stack and TCP hacking
The network protocol stack, which forms the carrier and pipeline of data from one host to another, is designed so that we can interact with its different layers at whatever level we need. This article is a small attempt to describe the movement of data through these stacked layers, and at the end we will try to implement a Linux kernel module that captures the data flowing out to the TCP layer and displays it. I think it is not necessary to go over the basics of network communication here, so I will go straight to the implementation of TCP/IP communication.
Network devices form the bottom layer of the protocol stack. They use a link layer protocol (usually Ethernet) to communicate with other devices to send and receive traffic. The interfaces provided by the network device driver copy packets from the physical medium, perform some error checks, and then pass the packets up to the network layer. Output interfaces receive packets from the network layer, perform some error checks, and then send them out over the physical medium. Here we shall talk about IP, which is the standard network layer protocol. The main function of IP is routing: it checks incoming packets to see whether they are for the host computer or need to be forwarded. It defragments packets if necessary and delivers them to the transport protocols. It keeps a dynamic database of routes for outgoing packets; it addresses and fragments them if necessary before sending them down to the link layer.
By shyamjith at Linux Gazette.
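The receive-side decisions described above (error check, local delivery versus forwarding, reassembly, hand-off to TCP), as an added user-space C example; it is not code from the article or from the Linux kernel. The verdict names, `ip_classify`, `make_sample` and the sample addresses are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Verdicts for the IP-layer duties described above (names are illustrative). */
enum ip_verdict { IP_DROP, IP_FORWARD, IP_REASSEMBLE, IP_DELIVER_TCP, IP_DELIVER_OTHER };

/* RFC 1071 ones'-complement sum; a header with a valid checksum sums to 0xFFFF. */
static uint16_t ip_header_sum(const uint8_t *h, size_t len) {
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += (uint32_t)(h[i] << 8 | h[i + 1]);
    while (sum >> 16)
        sum = (sum & 0xFFFF) + (sum >> 16);
    return (uint16_t)sum;
}

/* Classify one IPv4 packet; local_ip is the host's address in host byte order. */
enum ip_verdict ip_classify(const uint8_t *pkt, size_t len, uint32_t local_ip) {
    if (len < 20 || (pkt[0] >> 4) != 4) return IP_DROP;      /* short or not IPv4 */
    size_t ihl = (size_t)(pkt[0] & 0x0F) * 4;
    size_t total = (size_t)(pkt[2] << 8 | pkt[3]);
    if (ihl < 20 || ihl > len || total < ihl || total > len) return IP_DROP;
    if (ip_header_sum(pkt, ihl) != 0xFFFF) return IP_DROP;   /* failed error check */
    uint32_t dst = (uint32_t)pkt[16] << 24 | (uint32_t)pkt[17] << 16 |
                   (uint32_t)pkt[18] << 8 | pkt[19];
    if (dst != local_ip) return IP_FORWARD;                  /* not for this host */
    uint16_t frag = (uint16_t)(pkt[6] << 8 | pkt[7]);
    if (frag & 0x3FFF) return IP_REASSEMBLE;                 /* MF set or offset != 0 */
    return pkt[9] == 6 ? IP_DELIVER_TCP : IP_DELIVER_OTHER;  /* protocol 6 is TCP */
}

/* Constructed sample: 20-byte header, 10.0.0.1 -> 10.0.0.2, TCP, no payload. */
void make_sample(uint8_t out[20], int more_fragments) {
    static const uint8_t hdr[20] = { 0x45, 0, 0, 20, 0, 1, 0, 0, 64, 6,
                                     0, 0, 10, 0, 0, 1, 10, 0, 0, 2 };
    memcpy(out, hdr, 20);
    if (more_fragments) out[6] |= 0x20;                      /* set the MF flag */
    uint16_t csum = (uint16_t)~ip_header_sum(out, 20);       /* checksum field is 0 here */
    out[10] = (uint8_t)(csum >> 8); out[11] = (uint8_t)csum;
}

int main(void) {
    uint8_t p[20];
    make_sample(p, 1);  /* a fragment addressed to this host */
    printf("verdict=%d\n", (int)ip_classify(p, 20, 0x0A000002));  /* 2 = IP_REASSEMBLE */
    return 0;
}
```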