On Fri, 2005-10-07 at 09:17 -0700, Paul Rubinhttp: wrote: > > 3. How do I keep people from tampering with the server? The clients > > send strings of data to the server. All the strings start with x and > > end with y and have z in the middle. Is requiring x at the front and > > y at the back and z someplace in the middle enough to keep people > > out? I'm open to suggestions. > > It only keeps them out if they don't know to use that x..y..z pattern > and maybe not even then. Get a copy of "Security Engineering" by > Ross Anderson to have an idea of what you're dealing with, especially > if your server controls something valuable.
The server just logs data, nothing else. It's not private or important data... just sys admin type stuff (ip, mac addy, etc.). I just don't want some script kiddie discovering it and trying to 'hack' it. By doing so, they'd fill the log up with crap. So, If the data doesn't contain x, y, and z and if the data is too big or too small, I record it to a 'tamper' log and tell the leet hacker to 'go away'. -- http://mail.python.org/mailman/listinfo/python-list
