Server Security: How To Prevent Socket Hijacking on Windows

Server Security: How To Prevent Socket Hijacking on Windows

Tech Note News

Windows News

RELATED NEWS

China Telecom denies 'hijacking' of 15 percent of world Internet traffic

China Denies US Web Hijack Claim

BharatBerry: Mobile app for Nokia handsets

Samsung SCX-3201 Laser Printer Specification and Price

How to Prevent Auto Resuming Of Downloads When Firefox Restarts?

How to Backup & Restore Firefox Preferences?

Facebook Asks For ID from Women Users

Google Voice App Hits iPhone Shores at last

Crying Anne Hathaway storms out of her b'day dinner

Climate scientist involved in emails controversy says he did no wrong

By Angsuman Chakraborty, Gaea News Network
Wednesday, June 14, 2006

You can forcibly bind to the same address and port to which there is an open server socket by using SO_REUSEADDR option (ServerSocket.setReuseAddress(boolean on) in Java). Such reuse can be exploited by malicious applications to disrupt the functioning of the original server application and worse.

The SO_EXCLUSIVEADDRUSE option prevents other sockets from being forcibly bound to the same address and port.

Thus, when this socket option is used by an application before using the bind() function, no other application will be able to bind to the same local address, even when the SO_REUSEADDR is used.

The implementation of the SO_EXCLUSIVEADDRUSE socket option opens file objects in exclusive mode, setting the ShareAccess parameter of the ZwCreateFile() function to 0. Thus, file objects representing TCP and UDP ports can only be opened in exclusive mode, which correspond to exclusive binding at the Winsock level.

Note: Before Windows 2000 SP4, Windows XP SP2 or Windows Server 2003, this socket option can only be used by processes running with administrator credentials.

NAME :	(REQUIRED)
MAIL :	(REQUIRED) will not be displayed
WEBSITE :	(OPTIONAL)

YOUR COMMENT :
	Submit Notify me of followup comments via e-mail

Older News