Hosting Provided By

Re: Trusting localhost?

From: Sam Baskinger <sam(at)reefedge.com>
Date: Tue Jul 29 2003 - 13:50:03 EDT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

If security is a high concern and you must use an inet domain socket and not another form of more localized IPC, then you may want to use a program like hping to be sure that packets recieved with a destination address of 127.0.0.1 do not get sent to the local host. It would be awfully hard to mount an attack like this, but the test is simple enough to try and be sure of. You can use a network analyzer for windows like windump or ethereal to check this out and be sure.

Sam

On Tuesday 29 July 2003 08:04, Felipe Franciosi wrote:
> > If you are creating an application that communicates using TCP, but
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/JrPLuabcSIn58XwRAjptAKCsDtAIrq5+I8T3a4Dk4CebyK0LLACfTUvj jW8/GGSHfOPC9VMak6LVe+4=
=NSyp
-----END PGP SIGNATURE----- Received on Tue Jul 29 14:19:34 2003

This message: [ Message body ]
Next message: pablo gietz: "Password Hiding"
In reply to Felipe Franciosi: "Re: Trusting localhost?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:46 EDT