Results 1 to 3 of 3

Thread: RAW Sockets questions host OS running BT Guest

  1. #1
    Just burned his ISO
    Join Date
    Feb 2010
    Location
    505
    Posts
    10

    Default RAW Sockets questions host OS running BT Guest

    Greetings,

    Since XP+ pretty much do not allow for raw sockets, does that inability extend down into a guest OS? while the vm can do raw sockets, it is limited because the host OS cannot?


    Does that make any sense?

    Thanks again

  2. #2
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default Re: RAW Sockets questions host OS running BT Guest

    XP+ do allow raw sockets (in a certain kind of way), and tools like nmap work around them.

    I've never actually turned around and tcpdump'd a machine to see what packets are getting through, but a Virtual Machine would need to pretty strongly generate its own packets its own way - otherwise the stack wouldn't work at all and you'd have a useless VM - but on the other hand I've never noticed my tools operating differently from VM to laptop, which should be indicative.

    So, test it first, sniff a machine you are scanning/hping'ing/dumping to and see if the packets are manipulated on the way out of the direct-to-network VM - I rather think they'll be fine, but can't say for sure.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  3. #3
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: RAW Sockets questions host OS running BT Guest

    Quote Originally Posted by Gitsnik View Post
    XP+ do allow raw sockets (in a certain kind of way), and tools like nmap work around them.
    Yep, read this for more info.

    Quote Originally Posted by Gitsnik View Post
    I've never actually turned around and tcpdump'd a machine to see what packets are getting through, but a Virtual Machine would need to pretty strongly generate its own packets its own way - otherwise the stack wouldn't work at all and you'd have a useless VM - but on the other hand I've never noticed my tools operating differently from VM to laptop, which should be indicative.

    So, test it first, sniff a machine you are scanning/hping'ing/dumping to and see if the packets are manipulated on the way out of the direct-to-network VM - I rather think they'll be fine, but can't say for sure.
    I would also assume that the host OS should send the guests IP packets on pretty much unmolested, however I also agree with Gitsnik that if in doubt, you should test it to confirm. Always a good rule in my opinion, and its a neceessary skill to pick up if you are a pentester - testing your tools to confirm they work the way you think they do. Let us know of your results.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

Similar Threads

  1. Sniffing host OS traffic via guest OS(BT4pre)
    By g1ic7h in forum OLD BackTrack 4 General Support
    Replies: 17
    Last Post: 11-19-2009, 11:37 PM
  2. Running BT3 in VirtualBox with a 64bit host
    By AbsolutePower in forum OLD Newbie Area
    Replies: 1
    Last Post: 10-30-2009, 07:03 PM
  3. Running the Backtrack VM on a Vista host
    By sanbarrow in forum OLD Newbie Area
    Replies: 2
    Last Post: 11-30-2008, 11:45 AM
  4. C Sockets
    By Mr-Protocol in forum OLD Programming
    Replies: 13
    Last Post: 11-10-2008, 06:56 AM
  5. VMware Server w/XP host & BT2 Guest
    By alacrityathome in forum OLD BackTrack v2.0 Final
    Replies: 21
    Last Post: 11-28-2007, 09:05 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •