IP/Host baning
-
How can i ban a Host or IP address before i do my accept() call ? Can i pool the connection queue ? Now im doing this: accept->check for valid IP->If it's valid(do nothing)else->close the socket. i belive this can be a bit insecure i dont really know. I what to call my checking routine before doing the accept() any ideas ? -- modified at 19:16 Sunday 13th November, 2005
-
How can i ban a Host or IP address before i do my accept() call ? Can i pool the connection queue ? Now im doing this: accept->check for valid IP->If it's valid(do nothing)else->close the socket. i belive this can be a bit insecure i dont really know. I what to call my checking routine before doing the accept() any ideas ? -- modified at 19:16 Sunday 13th November, 2005
It would probably be better to do this at the firewall level.
-
How can i ban a Host or IP address before i do my accept() call ? Can i pool the connection queue ? Now im doing this: accept->check for valid IP->If it's valid(do nothing)else->close the socket. i belive this can be a bit insecure i dont really know. I what to call my checking routine before doing the accept() any ideas ? -- modified at 19:16 Sunday 13th November, 2005
U can go for SSL Socket http://www.codeproject.com/internet/sslsocket.asp
-
How can i ban a Host or IP address before i do my accept() call ? Can i pool the connection queue ? Now im doing this: accept->check for valid IP->If it's valid(do nothing)else->close the socket. i belive this can be a bit insecure i dont really know. I what to call my checking routine before doing the accept() any ideas ? -- modified at 19:16 Sunday 13th November, 2005
benjamin23 wrote:
How can i ban a Host or IP address before i do my accept() call ?
Which class are you using? If you’re using CAsyncSocket then have you looked into over riding OnConnect? I dont have any code handy but there is a chapter in Secure Coding about doing this. (if I remember I will try and look up the santax when I get home)
DEBUGGING : Removing the needles from the haystack.
-
U can go for SSL Socket http://www.codeproject.com/internet/sslsocket.asp
sunit5 wrote:
ForumVisual C++ Subject:Re: IP/Host baning Sender:sunit5 Date:0:35 14 Nov '05 U can go for SSL Socket
Bu buddy you have to make he call for Accept() function before checking is this connection coming from valid ip
"Opinions are neither right nor wrong. I cannot change your opinion. I can, however, change what influences your opinion." - David Crow
cheers, Alok Gupta VC Forum Q&A :- I/ IV
-
How can i ban a Host or IP address before i do my accept() call ? Can i pool the connection queue ? Now im doing this: accept->check for valid IP->If it's valid(do nothing)else->close the socket. i belive this can be a bit insecure i dont really know. I what to call my checking routine before doing the accept() any ideas ? -- modified at 19:16 Sunday 13th November, 2005
The best you can do at the socket level is use WSAAccept and specify a condition function that will deny the required address'. However, this isn't a perfect solution, read the notes for WSAAccept. There is also other info out there on this, but i can't remember any links. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/winsock/winsock/wsaaccept_2.asp[^] ...cmk Save the whales - collect the whole set
-
The best you can do at the socket level is use WSAAccept and specify a condition function that will deny the required address'. However, this isn't a perfect solution, read the notes for WSAAccept. There is also other info out there on this, but i can't remember any links. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/winsock/winsock/wsaaccept_2.asp[^] ...cmk Save the whales - collect the whole set
[LPCONDITIONPROC lpfnCondition] Procedure instance address of the optional, application-specified condition function that will make an accept/reject decision based on the caller information passed in as parameters, and optionally create or join a socket group by assigning an appropriate value to the result parameter g of this function. defines a callback its a verry intresting option but not code samples are supplied by MS any ideas ?