i'm learning about networking on a site and there says there are 3 types of sending data:
unicast, multicast and broadcast
in the unicast case the IP layer encapsulates the IP destination(let's say "derp"). the interesting fact i've read about the unicast is that all machines within the same network will recieve the packet that is supposed to arrive at derp, but only derp will 'accept' the packet as the rest of the machines will drop it seeing the destination IP doesn't match with its IP.
so, i suppose kernel does check the ip matching which means it also drops the packet if it doesn't match.
what i'm interested in: "is it possible to catch the packets denied by kernel?" if yes, how?
dospy
51
Junior Poster in Training
Recommended Answers
Jump to PostI think you may need to look into packet sniffing... Though, there would be even more interesting detail you may like to read.
All 4 Replies
Taywin
312
Posting Virtuoso
I think you may need to look into packet sniffing... Though, there would be even more interesting detail you may like to read.
dospy
51
Junior Poster in Training
the problem is that the packets don't arrive to packet sniffers because they are discarded right away
nmaillet
97
Posting Whiz in Training
This also depends on your network as well. Many modern switches provide layer 3 support as well; that is, they are IP aware. If they do, they will keep routing tables, and usually only forward it to one port. Some commericial switches have a specific port that all packets are forwarded to for packet sniffers to use.
Taywin
312
Posting Virtuoso
As nmaillet said, it involves hardware at this point...
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.