通过 LAN 使用 sockets 是否会引入任何安全问题?
[英]Does using sockets over a LAN introduce any security issues?
问题描述
I'm having some trouble understanding the security of sockets.
我在理解 sockets 的安全性时遇到了一些麻烦。 I have some code set up in Python, which looks a bit like this:我在 Python 中设置了一些代码,看起来有点像这样:
server.py:服务器.py:
import socket
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind((socket.gethostname(), 1234))
s.listen(5)
client.py:客户端.py:
import socket
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((socket.gethostname(), 1234)
I set myself a project to make a VOIP over LAN, or as close as I can get.我为自己设置了一个项目,通过 LAN 或尽可能接近地制作 VOIP。 I'll be using strictly private IP addresses in this program.我将在这个程序中使用严格的私有 IP 地址。 I read that opening ports can be dangerous, so I'm a little nervous.我读到开放端口可能很危险,所以我有点紧张。
As you can see, I am using the port 1234. Could this introduce a vulnerability from any external threats?如您所见,我使用的是 1234 端口。这是否会引入来自任何外部威胁的漏洞?
1 个解决方案
解决方案1
1 已采纳 2020-04-08 18:35:48
When people say "opening ports can be dangerous" what they mean is that making an application available to connections from an unknown source (such as the Internet) is risky.当人们说“打开端口可能很危险”时,他们的意思是让应用程序可用于来自未知来源(例如 Internet)的连接是有风险的。 There may be bugs in the application that allow a remote attacker to execute commands, for example.例如,应用程序中可能存在允许远程攻击者执行命令的错误。
As long as you don't accept connections directly from the Internet you're probably fine.只要您不直接接受来自 Internet 的连接,您可能就可以了。 If an attacker has access to your LAN, you have more serious things to worry about.如果攻击者可以访问您的 LAN,则您需要担心更严重的事情。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.