Msg on sys_socket

thorsten fly_a320 at gmx.de
Mon Mar 21 23:23:30 PST 2005


Hello all,

I was interested in programs, which create a socket on my box in order 
to see if there are sniffers on the system. However I am not the best 
Kernel Hacker / Networking specialist, so comments are welcome. Subjects 
I am particularily interested in, are:

- is this a silly idea? why?
- is the implementation OK ?
- do I get all relevant sockets with
        if (PF_INET==family || PF_PACKET==family)
- is there a better way to do the same?

thanks thorsten happel


thorsten at linux:~$ cat linux-2.6.11.5-info-sock-create.patch
--- linux-2.6.11.5/net/socket.c 2005-03-22 08:03:57.000000000 +0100
+++ linux-2.6.11.5/net/socket.c 2005-03-22 08:06:03.000000000 +0100
@@ -88,6 +88,7 @@

  #include <asm/uaccess.h>
  #include <asm/unistd.h>
+#include <asm/current.h>

  #include <net/compat.h>

@@ -1185,6 +1186,9 @@
         struct socket *sock;

         retval = sock_create(family, type, protocol, &sock);
+  if (PF_INET==family || PF_PACKET==family) \
+         printk(KERN_INFO "Socket created by:%s, PID:%d\n", \
+        current->comm, current->pid);
         if (retval < 0)
                 goto out;





More information about the hlfs-dev mailing list