Server Security: How To Prevent Socket Hijacking on Windows
By Angsuman Chakraborty, Gaea News Network, Wednesday, June 14, 2006
You can forcibly bind to an address and port on which a server socket is already open by using the SO_REUSEADDR option (ServerSocket.setReuseAddress(boolean on) in Java). Malicious applications can exploit such reuse to disrupt the functioning of the original server application, and worse.
The SO_EXCLUSIVEADDRUSE option prevents other sockets from being forcibly bound to the same address and port.
Thus, when an application sets this socket option before calling the bind() function, no other application will be able to bind to the same local address, even when SO_REUSEADDR is used.
The implementation of the SO_EXCLUSIVEADDRUSE socket option opens file objects in exclusive mode, setting the ShareAccess parameter of the ZwCreateFile() function to 0. Thus, file objects representing TCP and UDP ports can only be opened in exclusive mode, which corresponds to exclusive binding at the Winsock level.
Note: Before Windows 2000 SP4, Windows XP SP2 or Windows Server 2003, this socket option can only be used by processes running with administrator credentials.
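The following is an added example, not code from the original article: a server socket that sets SO_EXCLUSIVEADDRUSE before bind(), plus a self-check that a second socket using SO_REUSEADDR cannot bind to the same address and port. The function names (exclusive_listener, second_bind_succeeds, self_test) are hypothetical, and the example assumes Python's socket module, which exposes SO_EXCLUSIVEADDRUSE only on Windows; on other platforms the option is skipped.

```python
import socket


def exclusive_listener(host="127.0.0.1", port=0):
    """Return a listening TCP socket that asks for exclusive use of its address."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        # The constant exists only on Windows builds of Python.
        opt = getattr(socket, "SO_EXCLUSIVEADDRUSE", None)
        if opt is not None:
            # Must be set before bind(), as the article describes.
            srv.setsockopt(socket.SOL_SOCKET, opt, 1)
        # Deliberately no SO_REUSEADDR on the server socket itself.
        srv.bind((host, port))  # port 0 lets the OS pick a free port
        srv.listen(5)
    except OSError:
        srv.close()
        raise
    return srv


def second_bind_succeeds(addr):
    """Self-check: can another socket that sets SO_REUSEADDR bind to addr?"""
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        probe.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        probe.bind(addr)
        return True
    except OSError:
        # The bind was refused: the address is held exclusively.
        return False
    finally:
        probe.close()


def self_test():
    """Open an exclusive listener and report whether it can be bound over."""
    srv = exclusive_listener()
    try:
        return second_bind_succeeds(srv.getsockname())
    finally:
        srv.close()


if __name__ == "__main__":
    print("second bind succeeded:", self_test())
```

A result of False means the second bind was refused, which is the behaviour a server wants to confirm at start-up.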