Hello, everyone.

I've written a small, generic tcp/ip server which can be used to handle
tcp/ip communication. It doesn't implement any application layer
protocols, but handles buffering, connection requests, threads, work
queues and stuff like that. The server is written in C and the intention
is that the server should be portable between most POSIX platforms.

The current version is pretty stable and bug free. Now I plan to add
features to make it more secure. I've got a few ideas of my own, but
would like to hear yours as well.

Here are my current ideas:
- The current version implements something similar to hosts.allow. A
user can specify a regular expression containing IP addresses which should
be allowed to connect. Clients with IP addresses not matching the
regular expression will be disconnected. Does that feature add any
security or am I just fooling myself?

- I plan to implement a dynamic black list. Clients which seem to be
malicious will be disconnected and added to the black list. Future
connection requests will be denied. The objective is to avoid DoS
attacks and the criteria for being added to the list may be:
a) Time from when the connection was accepted until the first data is
received. If the client doesn't send any data within n seconds, it will be
disconnected and added to the black list.

b) Incoming bps. If the client sends data too slowly, the client
will be disconnected and added to the black list.

c) Outgoing bps. If the client reads data too slowly, the client
will be disconnected and added to the black list.

d) Application protocol syntax errors. The tcp/ip server itself is generic
and can be used by e.g. a http server to handle communication. If the
http server detects e.g. weird http syntax errors or malicious requests,
the http server should be able to tell the tcp server to black list the
client.

Does such a black list add any value to a server?

Any other good ideas for securing a tcp/ip server? Any comment or
suggestion is very welcome. Thanks in advance.

--
boa

libclc home: http://libclc.sourceforge.net
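Added example (not part of the post above and not libclc code): a self-contained C sketch of the admission decision an acceptor thread would make, combining the allow-list idea from the first item with the expiring dynamic black list and its criteria a) to d). The names `bl_policy`, `bl_classify`, `bl_add`, `bl_is_banned`, `cidr_allows` and `admit`, the thresholds, and the addresses are assumptions made up for this example. Two practitioner points are built in: the allow list matches CIDR prefixes on the parsed address rather than running a regular expression over the dotted string (an unanchored `10\.0\.0\.1` also matches `10.0.0.10` and `110.0.0.1`), and bans expire from a bounded table, so a mistaken entry or one abusive client behind a shared NAT cannot lock an address out forever or let the list itself grow without limit.

```c
/* Added example, not libclc code: admission logic for a generic TCP server's
 * acceptor, combining a CIDR allow list with an expiring dynamic black list
 * (criteria a-d from the post). Pure decision functions over constructed
 * counters, so it compiles and runs without opening a socket. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

#define BL_SLOTS 64

enum bl_reason { BL_NONE = 0, BL_IDLE, BL_SLOW_SEND, BL_SLOW_RECV, BL_PROTO };

typedef struct {            /* thresholds; the numbers used below are constructed */
    int first_data_secs;    /* a) max seconds from accept() to the first byte */
    int min_in_bps;         /* b) minimum rate at which the client sends */
    int min_out_bps;        /* c) minimum rate at which the client drains our output */
    int grace_secs;         /* never judge a rate over a window shorter than this */
    int ban_secs;           /* bans expire; a bounded table cannot become a DoS itself */
} bl_policy;

typedef struct { uint32_t addr; time_t expires; } bl_entry;   /* addr 0 = empty slot */
typedef struct { bl_entry slot[BL_SLOTS]; } blacklist;
typedef struct { uint32_t net; int prefix; } cidr;

typedef struct {            /* per-connection counters the I/O loop would keep */
    uint32_t addr;          /* IPv4, host byte order */
    time_t   accepted;      /* when accept() returned */
    time_t   first_data;    /* 0 until the first byte arrives */
    uint64_t bytes_in;      /* bytes read while the server was expecting input */
    uint64_t bytes_out;     /* bytes the client drained while output was pending */
    int      proto_error;   /* d) raised by the application-layer parser */
} conn_stats;

/* Parse dotted-quad to host-order integer; 0 on malformed input. */
uint32_t ipv4(const char *dotted) {
    unsigned a, b, c, d;
    if (sscanf(dotted, "%u.%u.%u.%u", &a, &b, &c, &d) != 4 ||
        a > 255 || b > 255 || c > 255 || d > 255)
        return 0;
    return (a << 24) | (b << 16) | (c << 8) | d;
}

/* Exact prefix match on the parsed address instead of a regex on the string. */
int cidr_allows(const cidr *list, int n, uint32_t addr) {
    for (int i = 0; i < n; i++) {
        uint32_t mask = list[i].prefix == 0 ? 0 : 0xFFFFFFFFu << (32 - list[i].prefix);
        if ((addr & mask) == (list[i].net & mask)) return 1;
    }
    return 0;
}

/* Decide whether a connection has earned a place on the list, and why. */
enum bl_reason bl_classify(const conn_stats *c, const bl_policy *p, time_t now) {
    if (c->proto_error) return BL_PROTO;                       /* criterion d */
    if (c->first_data == 0)                                    /* criterion a */
        return (now - c->accepted) > p->first_data_secs ? BL_IDLE : BL_NONE;
    long window = (long)(now - c->first_data);
    if (window <= 0 || window < p->grace_secs) return BL_NONE; /* too short to rate */
    if (c->bytes_in  / (uint64_t)window < (uint64_t)p->min_in_bps)  return BL_SLOW_SEND; /* b */
    if (c->bytes_out / (uint64_t)window < (uint64_t)p->min_out_bps) return BL_SLOW_RECV; /* c */
    return BL_NONE;
}

/* Add or refresh a ban; expired slots are recycled, the table never grows. */
int bl_add(blacklist *bl, uint32_t addr, const bl_policy *p, time_t now) {
    int reuse = -1;
    for (int i = 0; i < BL_SLOTS; i++) {
        bl_entry *e = &bl->slot[i];
        if (e->addr == addr) { e->expires = now + p->ban_secs; return 1; }
        if (reuse < 0 && (e->addr == 0 || e->expires <= now)) reuse = i;
    }
    if (reuse < 0) return 0;    /* every slot holds a live ban; caller decides what to evict */
    bl->slot[reuse].addr = addr;
    bl->slot[reuse].expires = now + p->ban_secs;
    return 1;
}

int bl_is_banned(const blacklist *bl, uint32_t addr, time_t now) {
    for (int i = 0; i < BL_SLOTS; i++)
        if (bl->slot[i].addr == addr && bl->slot[i].expires > now) return 1;
    return 0;
}

/* The question the acceptor asks before handing a connection to a worker. */
int admit(const cidr *allow, int n, const blacklist *bl, uint32_t addr, time_t now) {
    return cidr_allows(allow, n, addr) && !bl_is_banned(bl, addr, now);
}

int main(void) {
    bl_policy p = { 5, 100, 100, 2, 60 };            /* constructed thresholds */
    cidr allow[] = { { 0x0A000000u, 8 } };           /* 10.0.0.0/8, constructed */
    blacklist bl; memset(&bl, 0, sizeof bl);
    time_t t0 = 1000;                                /* constructed clock */
    conn_stats idle = { ipv4("10.1.2.3"), t0, 0, 0, 0, 0 };
    if (bl_classify(&idle, &p, t0 + 6) != BL_NONE)   /* no data after 6 s: criterion a */
        bl_add(&bl, idle.addr, &p, t0 + 6);
    printf("10.1.2.3 admitted at t+10: %d, at t+70: %d\n",
           admit(allow, 1, &bl, idle.addr, t0 + 10), admit(allow, 1, &bl, idle.addr, t0 + 70));
    printf("192.0.2.9 admitted: %d\n", admit(allow, 1, &bl, ipv4("192.0.2.9"), t0));
    return 0;
}
```

The decision functions take the current time as a parameter, so they can be exercised with constructed timestamps and counters, as the `main()` does, without a socket. In a real server the I/O loop would fill `conn_stats`, counting `bytes_in` only while a request is expected and `bytes_out` only while output is pending (a keep-alive client that is simply waiting for a response must not look like a slow sender), and the application layer would set `proto_error` for criterion d).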