Thread: General Socket TCP/UDP Security Question

  1. #1
    #junkie
    Join Date
    Oct 2004
    Posts
    240

    General Socket TCP/UDP Security Question

    Assuming i use only one port for this specific program (although ofcourse others are open due to other none related programs running, ie, Aim, IRC, Games, w/e),

    How open to security risks am i? Is it easy to program TCP/UDP as safe as say opening up AIM is?

    Any information ( no matter how obvious ) you think i should be aware of please state it. Thanks for reading & any replies!
    01110111011000010110110001100100011011110010000001 11000101110101011010010111010000100000011011000110 10010110011001100101001000000111100101101111011101 0100100000011011100111010101100010

  2. #2
    Registered User
    Join Date
    Nov 2002
    Posts
    491
    What exactly are you asking? If running a daemon is a security risk? Or if having open ports in your firewall is a security risk? If the former, then the security risk is how well you handle the data on the socket. If you don't handle the data properly then your program will not work properly and various people will be able to take advantage of that.

  3. #3
    #junkie
    Join Date
    Oct 2004
    Posts
    240
    I'm asking that when i program using sockets if theres generally anything i should be aware of security wise.

    I spose i'll stumble my way through my 2nd Wrapper (server) that simple sends strings back and forth, and post the code and see how horridly open i make myself
    01110111011000010110110001100100011011110010000001 11000101110101011010010111010000100000011011000110 10010110011001100101001000000111100101101111011101 0100100000011011100111010101100010

  4. #4
    Registered User
    Join Date
    Nov 2002
    Posts
    491
    You need to be aware of how much data, and what data you are sending/receiving and be able to properly handle malformed data. The simplest policy is purposley crashing, alternativly you can try to do something with it and recover.

  5. #5
    #junkie
    Join Date
    Oct 2004
    Posts
    240
    k

    Like i said imma prob work on a newer wrapper for my needs & after i get TCP & UDP strings workin good i'll try to learn more about types of data you can send, and how to error check.

    I was going to build a little class library to convert whatever data i need to send ( dif values ) into string format, then back.

    dunno what i'd use, prob somethin simple. "int:intname:546, string:myString:'heres a string!'"

    But thats just a backup to after i research data types and whatnot
    01110111011000010110110001100100011011110010000001 11000101110101011010010111010000100000011011000110 10010110011001100101001000000111100101101111011101 0100100000011011100111010101100010

  6. #6
    Registered User
    Join Date
    Nov 2002
    Posts
    491
    I'd suggest just using erlang or python to play around, especially if saftey is a concern.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. socket programming question, closing sockets...
    By ursula in forum Networking/Device Communication
    Replies: 2
    Last Post: 05-31-2009, 05:17 PM
  2. General question
    By saudi-vip in forum C Programming
    Replies: 11
    Last Post: 10-10-2008, 04:46 PM
  3. General Question
    By GSLR in forum A Brief History of Cprogramming.com
    Replies: 4
    Last Post: 05-02-2002, 12:15 PM
  4. General GUI question in C
    By Music_Man in forum Game Programming
    Replies: 3
    Last Post: 11-16-2001, 11:45 AM
  5. Question about socket programming
    By Bill in forum C Programming
    Replies: 3
    Last Post: 09-05-2001, 03:49 AM