The remaining libnet functions get hardware addresses, get the IP address,
and look up hosts. These functions have descriptive names and are explained
in detail on the libnet man page.
From the libnet Man Page
libnet_get_hwaddr() takes a pointer to a link layer interface struct, a
pointer to the network device name, and an empty buffer to be used in case of
error. The function returns the MAC address of the specified interface upon
success or 0 upon error (and errbuf will contain a reason).
libnet_get_ipaddr() takes a pointer to a link layer interface struct, a
pointer to the network device name, and an empty buffer to be used in case of
error. Upon success the function returns the IP address of the specified
interface in host-byte order or 0 upon error (and errbuf will contain a
reason).
libnet_host_lookup() converts the supplied network-ordered (big-endian) IPv4
address into its human-readable counterpart. If use_name is 1,
libnet_host_lookup() will attempt to resolve this IP address and return a
hostname, otherwise (or if the lookup fails), the function returns a dotted-
decimal ASCII string.
Once you've learned how to read C code, existing programs can teach
you a lot by example. Programming libraries like libnet and libpcap have
plenty of documentation that explains all the details you may not be able to
divine from the source alone. The goal here is to teach you how to learn
from source code, as opposed to just teaching how to use a few libraries. After
all, there are many other libraries and a lot of existing source code that
uses them.
0x450 Denial of Service
One of the simplest forms of network attack is a Denial of Service (DoS) attack.
Instead of trying to steal information, a DoS attack simply prevents access to
a service or resource. There are two general forms of DoS attacks: those that
crash services and those that flood services.
Denial of Service attacks that crash services are actually more similar to
program exploits than network-based exploits. Often, these attacks are dependent
on a poor implementation by a specific vendor. A buffer overflow exploit
gone wrong will usually just crash the target program instead of directing the
execution flow to the injected shellcode. If this program happens to be on a
server, then no one else can access that server after it has crashed. Crashing
DoS attacks like this are closely tied to a certain program and a certain version.
Since the operating system handles the network stack, crashes in this code
will take down the kernel, denying service to the entire machine. Many of
these vulnerabilities have long since been patched on modern operating
systems, but it's still useful to think about how these techniques might be
applied to different situations.