socket security
Alastair Nicol
calaban.madness at blueyonder.co.uk
Fri Apr 5 20:16:48 EST 2002
Hi,
I've been enjoying the wonders of socket programming with Python. I have
read a lot of information on the subject, but still have a few unanswered
questions which is why, out of desperation, i'm asking here.
1) Can only hosts which can see the interface your program is bound to
communicate with your program. In the "normal" case if you bind to
127.0.0.1 for example ONLY your machine can see that interface. Other
machines cannot connect to it. Is this a safe / secure assumtion? (not just
for localhost)
2) Also when a client connects to a socket the server gets the IP address
of the client. Is this the "real" ip number? Ive heard you can spoof IP
numbers so what hoops are needed to validate that the client is really that
client.
openSSL is an option i would like to use, but for reasons to numerious to
list here, i cant.
Thanks, Alastair Nicol
More information about the Python-list
mailing list