Where can I find information on how to secure a socket server? I'd like to
implement the necessary measures to avoid hackers attacks and to
authenticate the clients...
thanks,
Juan. 3 2196
HI Juan,
Always authenticate the client first, and if possible try to restrict the
IP sources other than that there is nothing much you can do to avoid a
hacker to connect to your server.
You can use a couple of techniques to try to minimize the possible
ocurrence of a break in, for example disconnect the client if an unknow
command is received (I do this) or if you know that no more than a certain
numbers of clients will connect at the same time you can control how manies
connection are live at the same time. Also if the protocol you defined is
text in the ruotine where you get the command check if the receiving string
is sending a command bigger than your limit, if so drop the conneciton.
Hope this help,
--
Ignacio Machin,
ignacio.machin AT dot.state.fl.us
Florida Department Of Transportation
"Juan" <ju************ *****@ANTISPAMh otmail.com> wrote in message
news:eo******** ******@TK2MSFTN GP10.phx.gbl... Where can I find information on how to secure a socket server? I'd like to implement the necessary measures to avoid hackers attacks and to authenticate the clients...
thanks, Juan.
Yes, and in addition, maintain a blacklist. If a particular client IP
address trys to execute an invalid command or tries to connect multiple
times simultaneously [in an attempt to overwhelm your system], drop the
connection and store that IP address in a Hashtable somewhere so that all
future connection attempts from that IP will be dropped.
"Ignacio Machin ( .NET/ C# MVP )" <ignacio.mach in AT dot.state.fl.us > wrote
in message news:en******** *****@TK2MSFTNG P09.phx.gbl... HI Juan,
Always authenticate the client first, and if possible try to restrict the IP sources other than that there is nothing much you can do to avoid a hacker to connect to your server. You can use a couple of techniques to try to minimize the possible ocurrence of a break in, for example disconnect the client if an unknow command is received (I do this) or if you know that no more than a certain numbers of clients will connect at the same time you can control how
manies connection are live at the same time. Also if the protocol you defined is text in the ruotine where you get the command check if the receiving
string is sending a command bigger than your limit, if so drop the conneciton.
Hope this help,
-- Ignacio Machin, ignacio.machin AT dot.state.fl.us Florida Department Of Transportation
"Juan" <ju************ *****@ANTISPAMh otmail.com> wrote in message news:eo******** ******@TK2MSFTN GP10.phx.gbl... Where can I find information on how to secure a socket server? I'd like
to implement the necessary measures to avoid hackers attacks and to authenticate the clients...
thanks, Juan.
Thanks, those measures make a lot of sense... I also want to encrypt the
password for transmission... any resources I can use on how to do this?
Juan.
"David Sworder" <Gi********@CSI LasVegas.com> escribió en el mensaje
news:OU******** ******@TK2MSFTN GP12.phx.gbl... Yes, and in addition, maintain a blacklist. If a particular client IP address trys to execute an invalid command or tries to connect multiple times simultaneously [in an attempt to overwhelm your system], drop the connection and store that IP address in a Hashtable somewhere so that all future connection attempts from that IP will be dropped.
"Ignacio Machin ( .NET/ C# MVP )" <ignacio.mach in AT dot.state.fl.us >
wrote in message news:en******** *****@TK2MSFTNG P09.phx.gbl... HI Juan,
Always authenticate the client first, and if possible try to restrict
the IP sources other than that there is nothing much you can do to avoid a hacker to connect to your server. You can use a couple of techniques to try to minimize the possible ocurrence of a break in, for example disconnect the client if an unknow command is received (I do this) or if you know that no more than a
certain numbers of clients will connect at the same time you can control how manies connection are live at the same time. Also if the protocol you defined
is text in the ruotine where you get the command check if the receiving string is sending a command bigger than your limit, if so drop the conneciton.
Hope this help,
-- Ignacio Machin, ignacio.machin AT dot.state.fl.us Florida Department Of Transportation
"Juan" <ju************ *****@ANTISPAMh otmail.com> wrote in message news:eo******** ******@TK2MSFTN GP10.phx.gbl... Where can I find information on how to secure a socket server? I'd
like to implement the necessary measures to avoid hackers attacks and to authenticate the clients...
thanks, Juan.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Juan |
last post by:
Where can I find information on how to secure a socket server? I'd like to
implement the necessary measures to avoid hackers attacks and to
authenticate the clients...
thanks,
Juan.
|
by: zbcong |
last post by:
Hello:
I write a multithread c# socket server,it is a winform application,there is a richtextbox control and button,when the button is click,the server begin to listen the socket port,waiting for a incoming connection,the relative code snipprt as following::
private IPAddress myIP=IPAddress.Parse("127.0.0.1");
private IPEndPoint myServer;
private Socket socket;
private Socket accSocket;
private System.Windows.Forms.Button button2;...
|
by: zhebincong |
last post by:
Hello:
I write a multithread c# socket server,it is a winform application,there is
a richtextbox control and button,when the button is click,the server begin
to listen the socket port,waiting for a incoming connection,the relative
code snipprt as following::
private IPAddress myIP=IPAddress.Parse("127.0.0.1");
|
by: Chris Tanger |
last post by:
Context:
C#
System.Net.Sockets
Socket created with constructor prarmeters Internetwork, Stream and TCP
everything else is left at the default parameters and options except linger
may be changed as I find appropriate.
I am using the socket asynchronously by calling the BeingSend and
BeginReceive calls. I would like to be able to call shutdown and close
asynchronously if possible.
|
by: Wm. Scott Miller |
last post by:
Hello all!
We are building applications here and have hashing algorithms to secure
secrets (e.g passwords) by producing one way hashes. Now, I've read alot
and I've followed most of the advice that made sense. One comment I've seen
alot about is "securing the hashing routine" but no-one explains how to
accomplish this. So how do I secure my hashing routine? Do I use code
access security, role based security, ACLs, etc or combination?...
| |
by: Rene Sørensen |
last post by:
We are 4 students working on a assignment, that our teacher gave use,
normally we do this is C++, but the 4 of us, use C# more often that
C++ so…
We made a small games called reversi, now our job is to make a server,
none of us know nothing about socket programming in C#, but we founds
some guides for this, and now ,got a server running, but we have some
problems though. We have 2 scenario, one where we use a telnet
connection and one...
|
by: Sharon |
last post by:
Hi all.
How can i secure socket communications?
Is it possible to use ssl?
Thanks,
Sharon.
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
| |
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |