c# server security Help me out!
-
Hello i need some experimented coder opinion about how to securise a c# server 1. i have a c# server listening public incoming soket on my computer (XP Windows) so i have a port forwarded (86.123.xxx.xxx:666) in my gateway . user are then able send me data . but i need know what are the risk of a such conection for my computer. is there a way to block potential hacker attack?. 2.this server share (using soket) the IP with of all user (like a p2p machine). what i want is encrypt the IP(s) in a XML and share the IP.XML with users. i feel like it will not be hard for a hacker decrypt the IP.xml. how can i max secure this stuff. 3.I know from my old programme experience that haker can read my C# code so (like one of them(a friend lukily) success get my Sql password/user if i put it into the code). how to well secure my c# code and make it not readable and where to put sensible string like http://MydistanteSite/login.php or code for sql user =toto pass=123. i feel like c# totaly unsecure rigth now may be i should switch lange for include sensible data in a public machine? any security advise welcome^^
-
Hello i need some experimented coder opinion about how to securise a c# server 1. i have a c# server listening public incoming soket on my computer (XP Windows) so i have a port forwarded (86.123.xxx.xxx:666) in my gateway . user are then able send me data . but i need know what are the risk of a such conection for my computer. is there a way to block potential hacker attack?. 2.this server share (using soket) the IP with of all user (like a p2p machine). what i want is encrypt the IP(s) in a XML and share the IP.XML with users. i feel like it will not be hard for a hacker decrypt the IP.xml. how can i max secure this stuff. 3.I know from my old programme experience that haker can read my C# code so (like one of them(a friend lukily) success get my Sql password/user if i put it into the code). how to well secure my c# code and make it not readable and where to put sensible string like http://MydistanteSite/login.php or code for sql user =toto pass=123. i feel like c# totaly unsecure rigth now may be i should switch lange for include sensible data in a public machine? any security advise welcome^^
The .NET Framework has loads of Encryption classes. Use one of them.
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
-
The .NET Framework has loads of Encryption classes. Use one of them.
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
Yess i know i encrypted ip in xml they look like this but since .net encryption is well know i'm pretty sure haker have already theyr tool for decrypt that in a click i was hoping find something realy take a huge amout of time to decrypt so even when haker succes decrypte i can tell i win cuz i wasted a month of his life^^. i seen some tool on net for make c# source hard to read but no idea what is the best or i can use all of them on an .exe. making the code not understandable can help hiding that the .xml was even created on haker computer. so for the opened port any danger?
-
Yess i know i encrypted ip in xml they look like this but since .net encryption is well know i'm pretty sure haker have already theyr tool for decrypt that in a click i was hoping find something realy take a huge amout of time to decrypt so even when haker succes decrypte i can tell i win cuz i wasted a month of his life^^. i seen some tool on net for make c# source hard to read but no idea what is the best or i can use all of them on an .exe. making the code not understandable can help hiding that the .xml was even created on haker computer. so for the opened port any danger?
The software you have seen is probably what is known as an Obfuscator. Google for that word and you will get lots of hits. Most of the free ones would not deter a determined hacker but they would slow him/her down a bit.
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
-
The software you have seen is probably what is known as an Obfuscator. Google for that word and you will get lots of hits. Most of the free ones would not deter a determined hacker but they would slow him/her down a bit.
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
ye i was reading on that look interesting i may even use both Obfuscator and Salamander .Net Protector i seen this tool seem good enougth . at this point my programme will not just worth the time to be haked. now i need opinion how to securise my forwarded port from haker. I don' realize well what a haker can do realy using an opened port. think he can access my pc file (erase/download???) or again instal a trojan in my pc by sending soket?. what protection i should think about
-
Yess i know i encrypted ip in xml they look like this but since .net encryption is well know i'm pretty sure haker have already theyr tool for decrypt that in a click i was hoping find something realy take a huge amout of time to decrypt so even when haker succes decrypte i can tell i win cuz i wasted a month of his life^^. i seen some tool on net for make c# source hard to read but no idea what is the best or i can use all of them on an .exe. making the code not understandable can help hiding that the .xml was even created on haker computer. so for the opened port any danger?
evangile wrote:
net encryption is well know i'm pretty sure haker have already theyr tool for decrypt that in a click
.Net contains support for a number of different encryption algorithms. All of which are publicly available, but this is not an issue. What makes the encryption secure is the Key(s) that are used along with the algorithm. Without those keys any hacker would have a hard time with decrypting the majority of the encryption algorithms in .Net - AES[^] would be a good option to go for... The main problem with encrypting data is where to store the encryption key(s) What users to you intend to have this client application that would want to hack it for IP information anyway? Is it a public client application connecting to a private server? In my opinion letting them no what your IP address and port number anyway is not an issue. If they are sending data over the net them im sure there are tool they can use to monitor data being sent to and from there computers which would reveal you IP address anyway. Plus any good hacker could scan you live server for any open ports surely? Just make sure you have a good firewall set-up
Life goes very fast. Tomorrow, today is already yesterday.