Date: Wed, 21 Mar 2018 13:03:48 -0700 From: "Ronald F. Guilmette" <rfg@tristatelogic.com> To: FreeBSD Net <freebsd-net@freebsd.org> Subject: Re: Raw Sockets: Two Questions Message-ID: <4584.1521662628@segfault.tristatelogic.com> In-Reply-To: <5AB2AD9F.6040600@grosbein.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <5AB2AD9F.6040600@grosbein.net>, Eugene Grosbein <eugen@grosbein.net> wrote: >Why should you concentrate on RAW sockets? Well, for reasons that are completely legitimate, and that I'll explain in detail, if anyone is seriously interested, I'd like to check each IPv4 address within a set of about 90 or so modest sized CIDRs and find out which ones of those have a certain TCP port accepting connections. It would be (and is) trivial, of course, to just simply write a little program to perform an ordinary TCP connect, complete with all three parts of the TCP handshake, and then have the program do that, individually, for each IP in the specified CIDRs, but my opinion/impression is that this could be quite slow. Obviously, it would be rather faster to just send out the SYNs, full throttle, one per IP, and then see what SYN-ACKs come back. And actually, now that I've just reviewed the online man page for zmap, I see that (contrary to my earlier belief/suspicion) this has enough control options to me useful to me, so I'll probably just use that instead of rolling my own. (I first learned about zmap some long time ago, but only just today decided to actually take it out for a test drive.) Still, there may be some other reasons for me to educate myself about proper programming techniques utilizing raw sockets, but I'll talk about that in a separate post to follow this one.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4584.1521662628>