堆栈内存溢出
  简体   繁体   English

为.Net应用程序实施防篡改的最佳想法是什么

[英]What's the Best idea to implement an Anti Connection Tampering for .Net application

 原文  2011-11-04 07:48:55       .net/ connection/ tampering

问题描述

what's the best way to implement an anti connection tampering for my .Net application. 对我的.Net应用程序实施防篡改的最佳方法是什么? for example, I don't want anyone to see what my application is sending to my server.. or at least encrypt the data have been sent to the server.. 例如,我不希望任何人看到我的应用程序要发送到服务器的内容。或者至少要加密已发送到服务器的数据。

I just have a simple idea popped up on my mind right now and I'm not sure if that's the right thing to do in order to make it hard to understand what is my application is sending to my server.. anyway, my idea is to use SSL certificate.. is it a good way to prevent connection tampering? 我现在脑海中浮现出一个简单的主意,但我不确定是否要这样做才使您很难理解我的应用程序正在发送给服务器的内容..无论如何,我的主意是使用SSL证书..这是防止连接篡改的好方法吗?

any ideas or suggestions would be appreciated.. 任何想法或建议,将不胜感激。

1 个解决方案

解决方案1
 0  2011-11-04 09:10:46

The problem here is that potentially connection can be compromised in both ways - from client to the server and back. 这里的问题是,从客户端到服务器再到服务器的两种方式都可能破坏潜在的连接。 Adding SSL certification to the server wouldn't be enough and mutual authentication is required, but that means that you should issue a certificate to each of clients. 仅向服务器添加SSL认证还不够,并且需要相互认证,但这意味着您应该向每个客户端颁发证书。 But that seems to be strongest solution. 但这似乎是最有力的解决方案。

However, self-signed certificates could be used for traffic encryption only, as they could be easily hijacked - the most popular example is Fiddler's ability to capture https traffic. 但是,自签名证书只能用于流量加密,因为它们很容易被劫持-最受欢迎的示例是Fiddler捕获HTTP流量的能力。

As you ask for any ideas, you could be probably interested in concealing the fact of the connection at all. 当您提出任何想法时,您可能会对隐藏连接的事实完全感兴趣。 With some hacking it could be possible to inject some module into internet explorer, for example. 例如,通过一些黑客攻击,就有可能将某些模块注入Internet Explorer。 So your application would talk to the module and module, using IE environment - to the server. 因此,您的应用程序将使用IE环境与模块对话,并与服务器对话。 Server can even expose https interface and pretend to be normal web server. 服务器甚至可以公开https界面,并假装为普通的Web服务器。

By the way, the article Man-in-the-middle attack contains a list of tools you can try to check if your application is vulnerable to this sort of attack. 顺便说一句, 中间人攻击一文包含一系列工具,您可以尝试检查您的应用程序是否容易受到这种攻击。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在VB.NET中实现“可选委托”的最佳方法是什么? - What's the best way to implement an “optional delegate” in VB.NET? .NET - 实现“捕获所有异常处理程序”的最佳方法是什么 - .NET - What's the best way to implement a “catch all exceptions handler” 在dotnet / .NET中实现自定义属性的最佳方法是什么? - What's the best way to implement custom attributes in dotnet/.NET? 使用.NET检测互联网连接的最佳方法是什么? - What's the best way to detect an internet connection using .NET? 实现此目的的最佳解决方案是什么? - What's the best solution to implement this? .NET Windows窗体应用程序更新自身的最佳方法是什么? - What's the best way for a .NET windows forms application to update itself? 在.net桌面应用程序中启用或禁用功能的最佳方法是什么? - What's the best method to enable or disable a feature in a .net desktop application 与 .net 应用程序的防病毒集成 - Anti virus integration with .net application 在多租户.net项目中实现角色的最佳方法是什么? - What's the best way to implement roles in a multi-tenant .net project? 搜索在.NET FCL中实现特定接口的类的最佳方法是什么? - What is the best way to search for classes that implement a particular interface in .NET's FCL?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM