2.6.1.  SO_EXCLUSIVEADDRUSE socket option

The SO_EXCLUSIVEADDRUSE socket option is documented as follows in MSDN [22]:

The SO_EXCLUSIVEADDRUSE option prevents other sockets from being forcibly bound to the same address and port, a practice enabled by the SO_REUSEADDR option; such reuse can be executed by malicious applications to disrupt the application.

Thus, when an application sets this socket option before calling the bind() function, no other application will be able to bind to the same local address, even if it uses the SO_REUSEADDR option, as nc.exe does.

As said earlier, the Winsock API is implemented by the Afd driver, which interacts with the TCP/IP driver using the TDI interface. At the TDI level, TCP and UDP ports are represented by file objects.

The implementation of the SO_EXCLUSIVEADDRUSE socket option opens file objects in exclusive mode, by setting the ShareAccess parameter of the ZwCreateFile() function to 0. Thus, file objects representing TCP and UDP ports can only be opened in exclusive mode, which corresponds to exclusive binding at the Winsock level.

Warning: before Windows 2000 SP4, Windows XP SP2 or Windows Server 2003, this socket option can only be used by processes running with administrator credentials. This bug is documented in Microsoft Knowledge Base article #870562 [23].
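
The behaviour described above, as an added example that is not part of the original document or of MSDN: a listener sets SO_EXCLUSIVEADDRUSE before bind(), then a second socket using SO_REUSEADDR checks that the port can no longer be bound. It uses Python's socket module, which wraps Winsock on Windows; the function names are hypothetical, and on systems where the constant does not exist the option is skipped.

```python
import socket

# socket.SO_EXCLUSIVEADDRUSE is only defined in Windows builds of Python.
EXCLUSIVE = getattr(socket, "SO_EXCLUSIVEADDRUSE", None)


def open_exclusive_listener(host="127.0.0.1", port=0):
    """Create a TCP listener, requesting exclusive binding before bind()."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        if EXCLUSIVE is not None:
            # Must be set before bind(): the option controls how the
            # port is opened, so it has no effect afterwards.
            srv.setsockopt(socket.SOL_SOCKET, EXCLUSIVE, 1)
        srv.bind((host, port))  # port 0: let the system pick a free port
        srv.listen(5)
    except OSError:
        srv.close()
        raise
    return srv


def second_bind_refused(addr):
    """Return True if a socket using SO_REUSEADDR cannot bind to addr."""
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        probe.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        probe.bind(addr)
    except OSError:
        return True  # bind() failed: the address is protected
    finally:
        probe.close()
    return False


def check_exclusive_binding():
    """Bind a listener on an ephemeral loopback port and test it."""
    srv = open_exclusive_listener()
    try:
        return second_bind_refused(srv.getsockname())
    finally:
        srv.close()


if __name__ == "__main__":
    print("exclusive option available:", EXCLUSIVE is not None)
    print("second bind refused:", check_exclusive_binding())
```

On Windows, removing the setsockopt() call in open_exclusive_listener() shows the contrast: the SO_REUSEADDR probe is then expected to bind successfully.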