| aatk8626 |
Posted: Sun Jun 01, 2008 7:17 am |
|
|
Craftsman
Joined: 02 Nov 2007
Posts: 61
Location: Birmingham Alabama
|
Sockets are used in every networked application you can think of. The web is powered by sockets, BitTorrent, LimeWire, and the list goes on! Sockets work typically in this basic form. The serving system's application goes into an infinite loop, listening and waiting for a request at a specific TCP port. The server must loop very quickly, so as not to miss a client's attempt at a connection. When a client connects, the server stops its loop, acknowledges the acquisition of data, and forms a session with the client. In a non-asynchronous setting, the serving system can only serve one client at a time. With asynchronous servers, when the client connects, usually the session is formed in a separate thread and the server continues waiting for other clients.
These sockets communicate with data bundles known as packets. These packets are made up of several items, notably the preamble to inform the other machine that data is being sent, the MAC address (a network ID that is hard coded into every machine's NIC card), the data itself (in hexadecimal form), and other various items such as flags and IP data that resides in the header. This is a very tedious process that we often take for granted.
Theoretically, someone could create a Raw Socket, spoof the header of the data packets, and trick a server into thinking it is a trusted client. With randomization of host connection settings nowadays, such as TCP Sequencing, it is almost impossible to guess at which port the server will actually receive data at a particular time. The Birthday attack, known for taking its name from the Birthday paradox, is one such attack aimed at circumventing these protective measures. The Birthday Paradox is a statistical occurrence in which there is a 50% chance that in a group of 23 or more people at least two people will have the same birthday. The more people in the group, the greater the chance of two of them having the same birthday. This attack uses this theory to send random data at various ports in the hopes of hitting the right port at the right time. This has been around for a very long time.
Trojans also use sockets to send and receive data to and from the victim. Sometimes rootkits can be employed to hide various processes and even hide TCP/IP connections. There is almost no way to know when this happens.
So sockets make up the majority of all apps in general! Even word processor programs often have some features that need to access a remote resource. I hope this will give you a better idea of what sockets are, and perhaps help you implement them more efficiently!
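The thread-per-session server described in the post, as an added example that is not part of the original post: the accept loop hands each client to its own thread, so a second client is answered while the first session is still open and idle. The function names, the echo behaviour and the loopback-only bind are assumptions made for the illustration.

```python
import socket
import threading


def handle_session(conn):
    """One client session: echo each chunk back until the client closes."""
    with conn:
        try:
            while True:
                data = conn.recv(1024)
                if not data:              # empty read: peer closed the connection
                    break
                conn.sendall(data)
        except OSError:
            pass                          # peer reset the connection; end the session


def serve(listener, stop):
    """Accept loop: wait for a client, hand the session to a thread, wait again."""
    listener.settimeout(0.2)              # wake up regularly to check the stop flag
    while not stop.is_set():
        try:
            conn, _addr = listener.accept()
        except socket.timeout:
            continue
        threading.Thread(target=handle_session, args=(conn,), daemon=True).start()
    listener.close()


def start_server(host="127.0.0.1"):
    """Listen on loopback only; port 0 lets the OS pick a free port."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind((host, 0))
    listener.listen(5)
    stop = threading.Event()
    threading.Thread(target=serve, args=(listener, stop), daemon=True).start()
    return listener.getsockname()[1], stop


def two_overlapping_clients():
    """Open client A, leave it idle, and check that client B is still served."""
    port, stop = start_server()
    with socket.create_connection(("127.0.0.1", port), timeout=2) as a, \
         socket.create_connection(("127.0.0.1", port), timeout=2) as b:
        b.sendall(b"second client")       # A is connected but has sent nothing yet
        reply_b = b.recv(1024)
        a.sendall(b"first client")
        reply_a = a.recv(1024)
    stop.set()
    return reply_a, reply_b
```

If `serve` called `handle_session(conn)` directly instead of starting a thread, client B's `recv` would time out, because the server would still be inside client A's session.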
All times are GMT - 9 Hours