Re: socketServer questions
- From: rbt <rbt@xxxxxxxxxxxxxxxxx>
- Date: Fri, 07 Oct 2005 16:58:28 -0400
On Fri, 2005-10-07 at 09:17 -0700, Paul Rubinhttp: wrote:
> > 3. How do I keep people from tampering with the server? The clients
> > send strings of data to the server. All the strings start with x and
> > end with y and have z in the middle. Is requiring x at the front and
> > y at the back and z someplace in the middle enough to keep people
> > out? I'm open to suggestions.
>
> It only keeps them out if they don't know to use that x..y..z pattern
> and maybe not even then. Get a copy of "Security Engineering" by
> Ross Anderson to have an idea of what you're dealing with, especially
> if your server controls something valuable.
The server just logs data, nothing else. It's not private or important
data... just sys admin type stuff (ip, mac addy, etc.). I just don't
want some script kiddie discovering it and trying to 'hack' it. By doing
so, they'd fill the log up with crap. So, If the data doesn't contain x,
y, and z and if the data is too big or too small, I record it to a
'tamper' log and tell the leet hacker to 'go away'.
.
- Follow-Ups:
- Re: socketServer questions
- From: Paul Rubin
- Re: socketServer questions
- References:
- socketServer questions
- From: rbt
- Re: socketServer questions
- From: Paul Rubin
- socketServer questions
- Prev by Date: Re: When someone from Britain speaks, Americans hear a "British accent"...
- Next by Date: Re: How to run python scripts with IDLE
- Previous by thread: Re: socketServer questions
- Next by thread: Re: socketServer questions
- Index(es):
Relevant Pages
|
