secure UDP?

Sprint

Re: http://www.vbdotnetforums.com/net-sockets/22844-how-listen-tcp-port-broadcast.html. Now....how would you make this more secure?

I have a small app we use for computer maintenance, inventory, user backups, etc. I wanted to add the ability to send some commands through the network and also to pop up network messages. Got the messaging part done on a random UDP port. But what would prevent someone from just sending garbage to this UDP port and my program taking that garbage and putting it into a message box (that's all I'm doing currently).

For the time being I check the subnet they are on and if it's in our list of subnets it enables the listener thread otherwise it simply doesn't run it so that's relatively secure. How can I go a step further with a simple UDP broadcast? Make sure the first xx characters are some type of passcode and then do something?

-Allan
 
Having a communication protocol allows you to validate that the content is in the expected format. If something is in plain text there's always a chance someone could pick it up and figure it out. To prevent that you could encrypt the content.
 
I suppose on top of making sure I only listen when on my subnet I could also put some code as the first say 10 characters and only do something if that code equals my ten characters. The only issue then is if someone is sitting packet sniffing they would be able to read the ten characters. Or better yet do both, add a "header", encrypt it, send it then on receive decrypt it and make sure the "header" matches a list of known headers. I would imagine that would make it pretty secure.
 
What I ended up using in case anyone is curious. Replace CODEHERE!! with whatever you want....I didn't bother encrypting and decrypting because I only enable the receiving once I verify I'm on an "allowed" subnet and also that my domain is available. So my only weakness is if someone plugged into my network and used a packet sniffer to figure out the header, and if someone is doing that I have more issues to worry about than them sending popup messages. My send routine:

VB.NET:
    Private Sub UDPSender(ByVal MessageToSend As String)
        If MessageToSend.Length > 0 Then
            Dim myMessage As String = "CODEHERE!!" & MessageToSend
            Dim MyUDPMessage As New Net.Sockets.UdpClient()
            MyUDPMessage.EnableBroadcast = True
            Dim ep As New Net.IPEndPoint(Net.IPAddress.Broadcast, My.Settings.UDPPortforNetworkMessages)
            Dim b() As Byte = System.Text.Encoding.UTF32.GetBytes(myMessage)
            MyUDPMessage.Send(b, b.Length, ep)
            MyUDPMessage.Close()
        End If
    End Sub

Then to receive the message
VB.NET:
    Private myUDPClient As Net.Sockets.UdpClient
    Private myUDPListenerThread As New Threading.Thread(AddressOf UDPListener)

    Private Sub MainForm_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        ' Start up the UDP Port listener for network messages.  (I have a check for one of my network servers also to make sure we only enable when on our network).
        myUDPListenerThread.IsBackground = True
        myUDPListenerThread.Start()
    End Sub

    Private Sub UDPListener()
        Try
            myUDPClient = New Net.Sockets.UdpClient(My.Settings.UDPPortforNetworkMessages)
            myUDPClient.EnableBroadcast = True
            Dim myEndPoint As New Net.IPEndPoint(Net.IPAddress.Broadcast, My.Settings.UDPPortforNetworkMessages)
            Do
                Dim myMessageAsByte() As Byte = myUDPClient.Receive(myEndPoint)
                Dim myReceivedMessage As String = System.Text.Encoding.UTF32.GetString(myMessageAsByte)
                Dim myHeader As String = Mid(myReceivedMessage, 1, 10)
                ' Make sure it's a message we sent
                If myHeader = "CODEHERE!!" Then
                    ' Strip off the 10-character header (Mid is 1-based, so the body starts at position 11)
                    myReceivedMessage = Mid(myReceivedMessage, 11)
                    ' Check if it's intended for a certain machine only (body starts with "WSID:<name>-")
                    If InStr(UCase(myReceivedMessage), "WSID:") = 1 Then
                        Dim myDash As Integer = InStr(myReceivedMessage, "-")
                        ' Skip malformed packets (no "-" or an empty name) instead of ending the program
                        If myDash <= 6 Then Continue Do
                        Dim myWorkstation As String = Mid(myReceivedMessage, 6, myDash - 6)
                        If UCase(myWorkstation) = "WS" & UCase(myCurrentUserName) Then
                            ' Show only the text after "WSID:<name>-", taken from the header-stripped message
                            Dim myMessageAsString As String = Mid(myReceivedMessage, myWorkstation.Length + 7)
                            DisplayDialogBoxForm(myMessageAsString, "Network Message Received...", False, , True, )
                        End If
                    Else
                        ' Otherwise display for everyone (header already stripped)
                        DisplayDialogBoxForm(myReceivedMessage, "Network Message Received...", False, , True, , True)
                    End If
                End If
            Loop
        Catch ex As Exception
            If myUDPClient IsNot Nothing Then myUDPClient.Close()
        End Try
    End Sub

Please critique,

-Allan
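
An added example, not code from this thread: a sniffer can read the fixed "CODEHERE!!" header off the wire and reuse it, so this VB.NET module replaces it with an HMAC-SHA256 tag computed with a pre-shared key over a timestamp and the message text. The module name, function names, packet layout and demo key are assumptions made for the example.

```vbnet
Imports System
Imports System.Linq
Imports System.Security.Cryptography
Imports System.Text

Module AuthenticatedDatagram
    Private Const StampLength As Integer = 8   ' Int64 Unix time, seconds
    Private Const TagLength As Integer = 32    ' HMAC-SHA256 output size

    ' Layout assumed for this example: [8-byte timestamp][UTF-8 text][32-byte tag]
    Function BuildPacket(key As Byte(), message As String, unixSeconds As Long) As Byte()
        Dim signed As Byte() = BitConverter.GetBytes(unixSeconds).Concat(Encoding.UTF8.GetBytes(message)).ToArray()
        Using mac As New HMACSHA256(key)
            Return signed.Concat(mac.ComputeHash(signed)).ToArray()
        End Using
    End Function

    ' Returns True and sets message only if the tag verifies and the timestamp is fresh.
    Function TryOpenPacket(key As Byte(), packet As Byte(), nowSeconds As Long,
                           maxAgeSeconds As Long, ByRef message As String) As Boolean
        message = Nothing
        If packet Is Nothing OrElse packet.Length < StampLength + TagLength Then Return False
        Dim signedLength As Integer = packet.Length - TagLength
        Dim expected As Byte()
        Using mac As New HMACSHA256(key)
            expected = mac.ComputeHash(packet, 0, signedLength)
        End Using
        ' Compare every byte so timing does not reveal how much of the tag matched
        Dim diff As Integer = 0
        For i As Integer = 0 To TagLength - 1
            diff = diff Or (expected(i) Xor packet(signedLength + i))
        Next
        If diff <> 0 Then Return False
        ' The timestamp is trusted only after the tag has verified
        If Math.Abs(nowSeconds - BitConverter.ToInt64(packet, 0)) > maxAgeSeconds Then Return False
        message = Encoding.UTF8.GetString(packet, StampLength, signedLength - StampLength)
        Return True
    End Function

    Sub Main()
        Dim key As Byte() = Encoding.UTF8.GetBytes("constructed-demo-key") ' constructed; use a random key in practice
        Dim packet As Byte() = BuildPacket(key, "Backup starts at 17:00", 1700000000)
        Dim message As String = Nothing
        Console.WriteLine(TryOpenPacket(key, packet, 1700000010, 30, message)) ' authentic and fresh
        Console.WriteLine(TryOpenPacket(key, packet, 1700009999, 30, message)) ' same packet replayed later
        packet(StampLength) = packet(StampLength) Xor CByte(1)                 ' one bit changed in transit
        Console.WriteLine(TryOpenPacket(key, packet, 1700000010, 30, message)) ' tag no longer matches
    End Sub
End Module
```

The tag authenticates the message but does not hide it, and a captured packet can still be replayed inside the freshness window unless the receiver also remembers recently seen tags.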
 