471,319 Members | 1,625 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 471,319 software developers and data experts.

Securing socket communications

Hi all.
How can i secure socket communications?
Is it possible to use ssl?
Thanks,
Sharon.
Jan 22 '06 #1
8 6250
Hello Sharon,

AFIK SSL is limited to HTTP communication, although on an infrastructure
level you could look at IPSec.

--
Patrik Löwendahl [C# MVP]
http://www.lowendahl.net
Hi all.
How can i secure socket communications?
Is it possible to use ssl?
Thanks,
Sharon.

Jan 22 '06 #2
If you are using .NET Remoting you could use an HTTP Channel and benefit
from the IIS security. You will get "out of the box" security, the
drawbacks are that you will need to istall IIS and host the remote
objects in ASP.NET of course the there is always a drawback: performance.
Here is an article about .net remoting security:
http://msdn.microsoft.com/library/de...SecNetch11.asp
--
Regards,
David Hernández Díez
MCDBA MCSD vs6 & .NET
DCE5 .Net1.1 & DCE2 .NET 2.0

Sharon wrote:
Hi all.
How can i secure socket communications?
Is it possible to use ssl?
Thanks,
Sharon.

Jan 22 '06 #3
Thanks for your reply David.
This means that with every installation of my server, i will have to install
IIS,
and possibly a certificate.
I guess i can use IIS only in the login phase, and send back a secret key,
which
will be used to encrypt further socket communications.
But i will use this option only as a last resort.
Regards,
Sharon.
"David Hernandez Diez" <dh****@newsgroups.nospam> wrote in message
news:ur**************@TK2MSFTNGP11.phx.gbl...
If you are using .NET Remoting you could use an HTTP Channel and benefit
from the IIS security. You will get "out of the box" security, the
drawbacks are that you will need to istall IIS and host the remote objects
in ASP.NET of course the there is always a drawback: performance.
Here is an article about .net remoting security:
http://msdn.microsoft.com/library/de...SecNetch11.asp
--
Regards,
David Hernández Díez
MCDBA MCSD vs6 & .NET
DCE5 .Net1.1 & DCE2 .NET 2.0

Sharon wrote:
Hi all.
How can i secure socket communications?
Is it possible to use ssl?
Thanks,
Sharon.

Jan 22 '06 #4
Patrik Löwendahl [C# MVP] wrote:
Hello Sharon,

AFIK SSL is limited to HTTP communication, although on an infrastructure
level you could look at IPSec.


SSL is not limited to HTTP communication, it can be used with anything
that runs over TCP.

The OpenSSL page links to a page where openssl binaries for windows can
be downloaded: http://www.openssl.org/related/binaries.html
I can't find any official OpenSSL libs for .NET. I guess it should be
easy to write a .NET wrapper around that though. Someone on codeproject
seems to have done that already:
http://www.codeproject.com/managedcpp/sslclasses.asp

Strange that there aren't any official/trustworthy .NET wrappers for
openssl yet.

hth,
Max
Jan 22 '06 #5
It should be noted that in .NET 2.0, you can use the SslStream class to
perform SSL communications.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com

"Markus Stoeger" <sp******@gmx.at> wrote in message
news:uc**************@TK2MSFTNGP12.phx.gbl...
Patrik Löwendahl [C# MVP] wrote:
Hello Sharon,

AFIK SSL is limited to HTTP communication, although on an infrastructure
level you could look at IPSec.


SSL is not limited to HTTP communication, it can be used with anything
that runs over TCP.

The OpenSSL page links to a page where openssl binaries for windows can be
downloaded: http://www.openssl.org/related/binaries.html
I can't find any official OpenSSL libs for .NET. I guess it should be easy
to write a .NET wrapper around that though. Someone on codeproject seems
to have done that already:
http://www.codeproject.com/managedcpp/sslclasses.asp

Strange that there aren't any official/trustworthy .NET wrappers for
openssl yet.

hth,
Max

Jan 22 '06 #6
This won't work, since you can not decouple a good deal of the
infrastructure of ASP/ASP.NET from IIS.

In .NET 2.0, you should take a look at the SslStream class, as it will
do what you are looking for.

Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com

"Sharon" <no*****@null.void> wrote in message
news:uJ**************@TK2MSFTNGP15.phx.gbl...
Thanks for your reply David.
This means that with every installation of my server, i will have to
install IIS,
and possibly a certificate.
I guess i can use IIS only in the login phase, and send back a secret key,
which
will be used to encrypt further socket communications.
But i will use this option only as a last resort.
Regards,
Sharon.
"David Hernandez Diez" <dh****@newsgroups.nospam> wrote in message
news:ur**************@TK2MSFTNGP11.phx.gbl...
If you are using .NET Remoting you could use an HTTP Channel and benefit
from the IIS security. You will get "out of the box" security, the
drawbacks are that you will need to istall IIS and host the remote
objects in ASP.NET of course the there is always a drawback: performance.
Here is an article about .net remoting security:
http://msdn.microsoft.com/library/de...SecNetch11.asp
--
Regards,
David Hernández Díez
MCDBA MCSD vs6 & .NET
DCE5 .Net1.1 & DCE2 .NET 2.0

Sharon wrote:
Hi all.
How can i secure socket communications?
Is it possible to use ssl?
Thanks,
Sharon.


Jan 22 '06 #7
Nicholas Paldino [.NET/C# MVP] wrote:
This won't work, since you can not decouple a good deal of the
infrastructure of ASP/ASP.NET from IIS.

In .NET 2.0, you should take a look at the SslStream class, as it will
do what you are looking for.

Hope this helps.

I'm not sure about all of ASP.NET, but Web Services can be hosted
outside of IIS using pure .NET.

http://msdn.microsoft.com/msdnmag/is...erviceStation/

Coupled with SslStream, you may be able to run your own https:// web
service.
--
Jay R. Wren
Jan 23 '06 #8
Hosting a web service could work.
I'm also looking into HttpListener class.
Thanks.

"Jay R. Wren" <jr****@gmail.com> wrote in message
news:uh*************@TK2MSFTNGP12.phx.gbl...
Nicholas Paldino [.NET/C# MVP] wrote:
This won't work, since you can not decouple a good deal of the
infrastructure of ASP/ASP.NET from IIS.

In .NET 2.0, you should take a look at the SslStream class, as it
will
do what you are looking for.

Hope this helps.

I'm not sure about all of ASP.NET, but Web Services can be hosted
outside of IIS using pure .NET.

http://msdn.microsoft.com/msdnmag/is...erviceStation/

Coupled with SslStream, you may be able to run your own https:// web
service.
--
Jay R. Wren

Jan 24 '06 #9

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

1 post views Thread by batista | last post: by
3 posts views Thread by Court Jester | last post: by
reply views Thread by Mangabasi | last post: by
1 post views Thread by ElvisRS | last post: by
5 posts views Thread by AeonOfTime | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.