what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

icmpmon.c

icmpmon.c
Posted Aug 17, 1999
Authored by CyberPsychotic

icmpmon will show you all ICMP packets reaching your box, which could be useful in detecting attacks/portscans sometimes.

tags | tool, intrusion detection
systems | unix
SHA-256 | 022ca57c1cf8a1c087388030afe727b83e14995bc7264c8b9f75ccdbaa969603

icmpmon.c

Change Mirror Download
/* icmpmon might be lame piece, but is done more for experimenting
* purposes rather than a something neato :)
*
* will show you all ICMP packets reaching your box, which could be useful
* in detecting attacks/portscans sometimes.
*
* comments: fygrave@tigerteam.net
* flames : postmaster@localhost
* browsers: http://www.kalug.lug.net
*/


/* BSD compatibility */
#define __USE_BSD

#include <stdio.h>
#include <unistd.h>
#include <net/if.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#include <sys/ioctl.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <arpa/inet.h>

char *icmppack[]={"ICMP ECHO REPLY","#1","#2","ICMP DEST UNREACHABLE",
"ICMP SOURCE QUENCH","ICMP REDIRECT","#6","#7","ICMP ECHO",
"ROUTER ADVERTISEMENT","ROUTER SOLICITATION","ICMP TIME EXCEEDED",
"ICMP PARAM PROBLEM",
"ICMP TIMESTAMP REQUEST","ICMP INFO REQUEST","ICMP INFO REPLY",
"ICMP ADDRESS","ICMP ADDRESS REPLY"};
char *icmpunreach[]={"Network unreachable", "host unreachable",
"protocol unreachable", "port unreachable","need fragmentation",
"source routed fialed","net denied","host denied","bad tos for net",
"bad tos for host","filter denied","host precedence violation",
"precedence cutoff"};
char *icmpredir[]={"Network redirect","host redirect","tos and net redir",
"tos and host redir"};
char *icmptimex[]={"time exceed in transit","time exceed in reassembly"};






int sendpack( int s, u_long srcaddr, u_short srcport, u_long dstaddr, u_short dstport, u_char *packet) {

return 0;
}

int main(argc,argv)
int argc;
char **argv;
{
int rawfd,rd,rsize;
int one=1;
u_char buf[1024];
struct sockaddr_in raddr;
struct ip *ip;
struct icmp *icmp;

if ((rawfd=socket(PF_INET,SOCK_RAW,IPPROTO_ICMP))<0) {
perror("RawSocket:");
exit(1);
}
if (setsockopt(rawfd,IPPROTO_IP,IP_HDRINCL,&one,sizeof(one))<0) {
perror("SetSockOpt:");
close(rawfd);
exit(1);
}



printf("Listening to ICMP packets\n");
for(;;) {
fflush(stdout);
if ((rd=recvfrom(rawfd,buf,1024,0,(struct sockaddr *)&raddr,&rsize))<0) break;
ip=(struct ip *)buf;
icmp=(struct icmp *)&buf[ip->ip_hl<<2];


printf("%s packet from: %s ",icmppack[icmp->icmp_type],inet_ntoa(ip->ip_src));
/* details */
switch(icmp->icmp_type) {
case ICMP_UNREACH :
printf("[%s]\n",icmpunreach[icmp->icmp_code]);
break;
case ICMP_REDIRECT :
printf("[%s]\n",icmpredir[icmp->icmp_code]);
break;
case ICMP_TIMXCEED :
printf("[%s]\n",icmptimex[icmp->icmp_code]);
break;
default:
printf("\n");
}
}
close(rawfd);
return 0;
}
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close