🎉 Celebrating 25 Years of GameDev.net! 🎉
Not many can claim 25 years on the Internet! Join us in celebrating this milestone. Learn more about our history, and thank you for being a part of our community!
A question of security
Author
Currently my game has multiplayer ability via direct play, however network programming hasn't been something that I've spent much time (yet) reading up on and learning about. So I was wondering about security problems that could occur. Could opening a port for the connection lead to security problems etc or am I being paraniod? I'd just hate to release a game that makes a persons pc easily 'hacked' or anything.
Thanks!
Ballistic Programs
Edited by - drazgal on February 10, 2002 10:08:31 AM
Unless your game is doing some really funky stuff I doubt you''d have much of a problem... everything sent over the network for your game should only be related to the game... security holes are more serious when they''re in programs that have the power to manipulate files (eg FTP servers, web servers) or run as superuser (root for *nix systems, admin for NT systems) since superusers can do whatever they want...
The worst that could happen is someone figures out a way to crash someone''s game.. boo hoo
Security does play a role in persistant online games like MMORPGs or Diablo... but if you were writing something like that the best idea would be to get someone who''s done network programming before since that''s a whole ''nother can of worms...
nohbdy
The worst that could happen is someone figures out a way to crash someone''s game.. boo hoo
Security does play a role in persistant online games like MMORPGs or Diablo... but if you were writing something like that the best idea would be to get someone who''s done network programming before since that''s a whole ''nother can of worms...
nohbdy
The only computer at risk when it comes to net games is the server unless you''re handing out IP addresses to everyone from everyone which really defeats the purpose of a server.
To keep it secure run a port scanner on the server computer to see which ones are open and then check those ports from a remote location. The only ports that should be remotely accessible are the ones you wanted open.
Check for viruses and trojans on a regular basis. Use a firewall.
Don''t put messages in the server program that could be used maliciously like a "Delete map" message. Come up with a way to verify authenticity of messages as well.
The client can only do what you tell it to do. Just opening a port doesn''t magically give you the ability to run amok. You have to use whatever program is using that port to run amok. So unless your client has malicious code that can be remotly triggered there''s no worry.
Ben
[The Rabbit Hole | The Labyrinth | Programming | Gang Wars | The Wall]
To keep it secure run a port scanner on the server computer to see which ones are open and then check those ports from a remote location. The only ports that should be remotely accessible are the ones you wanted open.
Check for viruses and trojans on a regular basis. Use a firewall.
Don''t put messages in the server program that could be used maliciously like a "Delete map" message. Come up with a way to verify authenticity of messages as well.
The client can only do what you tell it to do. Just opening a port doesn''t magically give you the ability to run amok. You have to use whatever program is using that port to run amok. So unless your client has malicious code that can be remotly triggered there''s no worry.
Ben
[The Rabbit Hole | The Labyrinth | Programming | Gang Wars | The Wall]
also check with the utmost care that you dont have any buffers that could potential be overrun. use some form of crc on the messages and if the client sends a message that is too big, drop them like a rock.
I feel one should emphasize the buffer overrun thing more. If there is any local buffer that a client can overrun (e.g. in calls to functions like sprintf or strcpy), they might be able to execute arbitrary code on the server by overwriting the return EIP address and inserting the code on the stack, or by manipulating the return address so that it jumps into a library function.
Of course, actually executing code is made nearly impossible when the source code or the server executable aren''t available for the public, or if the position of the stack is variable, which is the case for threaded applications. However, you can still crash the server using buffer overruns.
It''s not too difficult to write secure code though. Use snprintf and vsnprintf instead of sprintf/vsprintf (on Windows, use _(v)snprintf). Use a buffer overrun-safe strcpy. strncpy is _not_ a good choice, since the destination string won''t be null-terminated in the case of an overrun.
And (obviously) never trust any size information sent by a client.
cu,
Prefect
Of course, actually executing code is made nearly impossible when the source code or the server executable aren''t available for the public, or if the position of the stack is variable, which is the case for threaded applications. However, you can still crash the server using buffer overruns.
It''s not too difficult to write secure code though. Use snprintf and vsnprintf instead of sprintf/vsprintf (on Windows, use _(v)snprintf). Use a buffer overrun-safe strcpy. strncpy is _not_ a good choice, since the destination string won''t be null-terminated in the case of an overrun.
And (obviously) never trust any size information sent by a client.
cu,
Prefect
quote: Original post by Prefect
Of course, actually executing code is made nearly impossible when the source code or the server executable aren''t available for the public, or if the position of the stack is variable, which is the case for threaded applications. However, you can still crash the server using buffer overruns.
The usual exploit script for this kind of thing tries different offsets until it gets the code execution it was looking for. If you''ve got a buffer overrun problem at all, you have to assume that it''s exploitable.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
