Client-server data encryption and protocol design

Published 2024-08-11 17:02:49


I'm writing a client-server application to be used in a computer lab and act as a service (without running as a service). I have a console application calling the native function "ShowWindow"/SW_HIDE using the console's HWND object -- this gives me what I want here. The server/client is working, I've sent the message "Hello world!" from the client to the server many times and I'm pleased. (I'm using UDP for the socket protocol because the IT department wants a connectionless approach.)

My question lies in a 'protocol' for communication between client and server.

The goals behind the server include the following:

  • Give access, programmatically, to certain abilities that our IT-Department has blocked for security (e.g. "net.exe")
  • Give access to my program to monitor what students are viewing in the computer lab.

Some things I want to include are simple questions being sent back and forth:

  • A command of "REQUSER" would return the username and fullname (as allowed by "net user" previously)
  • A command of "REQPROCS" would return a list of processes currently being run under the current user's username.

I have no doubt I am able to do this. The thing I am leery of at the moment is data safety. We do have some "hackers" here at my college who may know how to packet sniff and be able to resend packets out to specific servers to either do malicious things or get information on an enemy or whatnot.

My thought was to provide an encryption scheme on all data sent and decode it on receive.

A friend who I talked to said I should use a bit packer and I started porting his BitPacker class from C++ to C# which I got confused with and came here to see what Stackoverflow thought.

namespace Atlantis.Net.Sockets
{
    using System;
    using System.Net;
    using System.Net.Sockets;
    using System.Text;

    /// <summary>
    ///     State object threaded through BeginReceive/EndReceive.
    /// </summary>
    public class UdpState
    {
        public UdpClient host;
        public IPEndPoint endPoint;
    }

    /// <summary>
    ///     Raised for every datagram the socket receives, whoever sent it.
    ///     Nothing in this class authenticates the sender; that is the protocol layer's job.
    /// </summary>
    public class UdpReceiveEventArgs : EventArgs
    {
        public UdpReceiveEventArgs(String data, UdpState state)
        {
            Data = data;
            State = state;
        }

        public String Data { get; private set; }
        /// <summary>State.endPoint is the address and port the datagram came from.</summary>
        public UdpState State { get; private set; }
    }

    public class UdpServer : System.Net.Sockets.UdpClient
    {

        #region Constructor(s)

        public UdpServer(Int32 port)
            : base(port)
        {
            m_Port = port;
        }

        public UdpServer(IPEndPoint endPoint)
            : base(endPoint)
        {
            m_Port = endPoint.Port;
        }

        #endregion

        #region Properties

        private Int32 m_Backlog = 32;
        /// <summary>
        ///     Carried over from a TCP design. UDP has no connections, so the socket never uses it.
        /// </summary>
        public Int32 Backlog
        {
            get { return m_Backlog; }
            set { m_Backlog = value; }
        }

        private Boolean m_IsInitialized = false;
        /// <summary>
        ///     Gets a value indicating whether the server has been initialized
        /// </summary>
        public Boolean IsInitialized
        {
            get { return m_IsInitialized; }
            private set { m_IsInitialized = value; }
        }

        private Int32 m_Port;
        /// <summary>
        ///     Gets the port the socket was bound to by the constructor. The base class
        ///     binds at construction time, so the port cannot be changed afterwards.
        /// </summary>
        public Int32 Port
        {
            get { return m_Port; }
        }

        private Encoding m_Encoding = Encoding.ASCII;
        /// <summary>
        ///     Gets or sets the text encoding for data being transferred to/from the server
        /// </summary>
        public Encoding Encoding
        {
            get { return m_Encoding; }
            set { m_Encoding = value; }
        }

        #endregion

        #region Events

        public event EventHandler<UdpReceiveEventArgs> DataReceive;

        #endregion

        #region Methods

        protected virtual void OnDataReceive(String data, UdpState state)
        {
            EventHandler<UdpReceiveEventArgs> handler = DataReceive;
            if (handler != null)
            {
                handler(this, new UdpReceiveEventArgs(data, state));
            }
        }

        private void DataReceiveCallback(IAsyncResult ar)
        {
            UdpState state = (UdpState)ar.AsyncState;
            IPEndPoint sender = new IPEndPoint(IPAddress.Any, 0);
            Byte[] data;

            try
            {
                // EndReceive replaces 'sender' with the address and port the datagram came from.
                data = state.host.EndReceive(ar, ref sender);
            }
            catch (ObjectDisposedException)
            {
                return; // the socket was closed; stop the receive loop
            }
            catch (SocketException)
            {
                // On Windows an ICMP "port unreachable" answering an earlier send surfaces
                // here as WSAECONNRESET; keep listening instead of letting it end the loop.
                state.host.BeginReceive(new AsyncCallback(DataReceiveCallback), state);
                return;
            }

            OnDataReceive(Encoding.GetString(data), new UdpState { host = state.host, endPoint = sender });

            // Re-arm the receive with the listening state, not the per-datagram one.
            state.host.BeginReceive(new AsyncCallback(DataReceiveCallback), state);
        }

        /// <summary>
        ///     Starts the asynchronous receive loop; safe to call more than once.
        /// </summary>
        public void Initialize()
        {
            if (IsInitialized)
            {
                return;
            }

            UdpState state = new UdpState();
            state.endPoint = new IPEndPoint(IPAddress.Any, Port);
            state.host = this;
            BeginReceive(new AsyncCallback(DataReceiveCallback), state);

            IsInitialized = true;
        }

        #endregion

    }
}

P.S. I hope the question is clear? I've noticed most of the questions I write are unclear. :/
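The threat in the post is a sniffed REQPROCS datagram being re-sent by someone else on the LAN. Encryption on its own does not address that: a replayed ciphertext decrypts exactly as the original did. A per-datagram layer needs authenticated encryption (so a forged or modified datagram is rejected) plus something the receiver can check for freshness (so a genuine but old datagram is rejected too). The following is an added example written for this page, not code from the post. It assumes .NET 8 (for the AesGcm constructor that takes a tag size) and that each lab workstation was provisioned out of band with its own 256-bit key and numeric id, which the server also holds; the wire format, the Direction enum, the SecureDatagramCodec class and the workstation id 25 are all made up for the illustration.

```csharp
// Added example for this page, not the original post's code: per-datagram authenticated
// encryption with replay rejection for a REQUSER/REQPROCS style protocol over UDP.
// Assumes .NET 8 and per-workstation 256-bit keys provisioned out of band (assumption).
using System;
using System.Buffers.Binary;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

public enum Direction : byte { Request = 1, Response = 2 }

// Wire format, integers big-endian:
//   [1 byte direction][4 byte client id][8 byte sequence][12 byte nonce][ciphertext][16 byte tag]
// The header is authenticated as associated data: a captured response cannot be re-labelled
// as a request, the client id cannot be swapped, and a datagram whose sequence is not above
// the last one accepted for that id is dropped, whatever address it now arrives from.
public sealed class SecureDatagramCodec
{
    private const int HeaderLen = 1 + 4 + 8, NonceLen = 12, TagLen = 16;
    private readonly Dictionary<uint, byte[]> _keys;                                       // client id -> key
    private readonly Dictionary<uint, ulong> _highestSeen = new Dictionary<uint, ulong>();  // anti-replay state
    // Seeded from the clock so a restarted process never reuses a sequence the peer already accepted.
    private ulong _nextSeq = (ulong)DateTime.UtcNow.Ticks;

    public SecureDatagramCodec(Dictionary<uint, byte[]> keys) { _keys = keys; }

    public byte[] Seal(Direction dir, uint clientId, string text)
    {
        byte[] plaintext = Encoding.UTF8.GetBytes(text);
        byte[] packet = new byte[HeaderLen + NonceLen + plaintext.Length + TagLen];
        packet[0] = (byte)dir;
        BinaryPrimitives.WriteUInt32BigEndian(packet.AsSpan(1, 4), clientId);
        BinaryPrimitives.WriteUInt64BigEndian(packet.AsSpan(5, 8), _nextSeq++);
        RandomNumberGenerator.Fill(packet.AsSpan(HeaderLen, NonceLen));   // fresh nonce per datagram
        using (var aes = new AesGcm(_keys[clientId], TagLen))
        {
            aes.Encrypt(packet.AsSpan(HeaderLen, NonceLen),                    // nonce
                        plaintext,
                        packet.AsSpan(HeaderLen + NonceLen, plaintext.Length), // ciphertext out
                        packet.AsSpan(packet.Length - TagLen, TagLen),         // tag out
                        packet.AsSpan(0, HeaderLen));                          // associated data
        }
        return packet;
    }

    // Returns the plaintext only for a datagram that is authentic under a known client's key,
    // carries the expected direction, and is newer than anything already accepted for that
    // client. 'clientId' tells the caller who sent it, which is what authorization needs.
    public string Open(byte[] packet, Direction expected, out uint clientId)
    {
        clientId = 0;
        if (packet.Length < HeaderLen + NonceLen + TagLen || packet[0] != (byte)expected) return null;
        clientId = BinaryPrimitives.ReadUInt32BigEndian(packet.AsSpan(1, 4));
        ulong seq = BinaryPrimitives.ReadUInt64BigEndian(packet.AsSpan(5, 8));
        byte[] key;
        if (!_keys.TryGetValue(clientId, out key)) return null;                        // unknown workstation
        ulong seen;
        if (_highestSeen.TryGetValue(clientId, out seen) && seq <= seen) return null;   // replay (or reordered)
        int ctLen = packet.Length - HeaderLen - NonceLen - TagLen;
        byte[] plaintext = new byte[ctLen];
        try
        {
            using (var aes = new AesGcm(key, TagLen))
            {
                aes.Decrypt(packet.AsSpan(HeaderLen, NonceLen),
                            packet.AsSpan(HeaderLen + NonceLen, ctLen),
                            packet.AsSpan(packet.Length - TagLen, TagLen),
                            plaintext,
                            packet.AsSpan(0, HeaderLen));
            }
        }
        catch (CryptographicException) { return null; }   // forged, modified, or sealed under another key
        _highestSeen[clientId] = seq;                      // advance only after the tag verified
        return Encoding.UTF8.GetString(plaintext);
    }
}

public static class Demo
{
    public static void Main()
    {
        const uint pc25 = 25;                                   // constructed workstation id
        byte[] keyPc25 = RandomNumberGenerator.GetBytes(32);    // stands in for the provisioned key
        var client = new SecureDatagramCodec(new Dictionary<uint, byte[]> { { pc25, keyPc25 } });
        var server = new SecureDatagramCodec(new Dictionary<uint, byte[]> { { pc25, keyPc25 } });
        uint who;

        byte[] req = client.Seal(Direction.Request, pc25, "REQPROCS");
        Console.WriteLine("first delivery:  " + server.Open(req, Direction.Request, out who) + " from " + who);
        Console.WriteLine("replayed copy:   " + (server.Open(req, Direction.Request, out who) ?? "rejected"));
        byte[] forged = client.Seal(Direction.Request, pc25, "REQPROCS");
        forged[forged.Length - 1] ^= 0x01;                      // flip one bit of the tag
        Console.WriteLine("tampered copy:   " + (server.Open(forged, Direction.Request, out who) ?? "rejected"));
        byte[] resp = server.Seal(Direction.Response, pc25, "explorer.exe\r\nchrome.exe");
        Console.WriteLine("response as req: " + (server.Open(resp, Direction.Request, out who) ?? "rejected"));
        Console.WriteLine("client reads:    " + client.Open(resp, Direction.Response, out who));
    }
}
```

Two design points worth noting. The strictly increasing sequence rule is the simplest freshness check but also drops datagrams that arrive out of order; a request/response protocol tolerates that (the client retries), while a stream of unsolicited messages would want a bitmap window like IPsec's instead. The per-workstation key is what lets the server act on the second goal safely: because it knows which workstation sealed the request, it can decide per id which REQ* commands are allowed, and a key lifted from one student-accessible machine can be revoked without re-keying the rest.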


Comments (1)

寄与心 2024-08-18 17:02:49


SslStream Class from System.Net.Security might do what you need.

(SslStream) Provides a stream used for
client-server communication that uses
the Secure Socket Layer (SSL) security
protocol to authenticate the server
and optionally the client.

...

SSL protocols help to provide
confidentiality and integrity checking
for messages transmitted using an
SslStream. An SSL connection, such as
that provided by SslStream, should be
used when communicating sensitive
information between a client and a
server. Using an SslStream helps to
prevent anyone from reading and
tampering with information while it is
in transit on the network

More details and examples here: SslStream Class
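One caveat a practitioner would add to this answer: SslStream wraps a System.IO.Stream, so in practice it runs over TCP (a NetworkStream); it offers no DTLS, so taking it up means giving up the UDP transport the question mentions. What the quoted documentation also leaves to the caller is the part that actually stops an unauthorized machine sending REQ* commands: the server must require a client certificate, and both sides must decide what they accept. The following is an added example for this page, not the answer's or the original post's code. It runs entirely on loopback, assumes .NET 6 or later, and generates both certificates in memory as a stand-in for ones issued by the department's CA; the names lab-server and lab-pc-25 and the reply string are made up. The pinning callbacks compare the presented certificate to the one expected and deliberately ignore chain errors, which is the right check for self-signed certificates and the wrong one for CA-issued ones (there the chain should be validated and the pin replaced by an issuer check).

```csharp
// Added example for this page, not the answer's or the original post's code. SslStream on a
// TCP loopback connection with the checks the docs leave to the caller: the client pins the
// server certificate and the server requires and pins a client certificate. Assumes .NET 6+;
// both certificates are generated in memory as a stand-in for CA-issued ones (assumption).
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;

public static class SslStreamDemo
{
    // Self-signed certificate with a usable private key. Re-imported through PKCS#12 so the
    // Windows TLS stack can use the key; harmless on other platforms.
    static X509Certificate2 MakeCert(string cn)
    {
        using (RSA rsa = RSA.Create(2048))
        {
            var req = new CertificateRequest("CN=" + cn, rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            using (X509Certificate2 ephemeral = req.CreateSelfSigned(DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1)))
            {
                return new X509Certificate2(ephemeral.Export(X509ContentType.Pfx), (string)null, X509KeyStorageFlags.Exportable);
            }
        }
    }

    static bool Pinned(X509Certificate presented, X509Certificate2 expected)
    {
        // Compare the certificate itself, not its subject name. Chain errors are expected for a
        // self-signed certificate and are ignored here in favour of the pin.
        return presented != null && presented.GetCertHashString() == expected.Thumbprint;
    }

    public static async Task Main()
    {
        X509Certificate2 serverCert = MakeCert("lab-server");
        X509Certificate2 clientCert = MakeCert("lab-pc-25");

        var listener = new TcpListener(IPAddress.Loopback, 0);
        listener.Start();
        int port = ((IPEndPoint)listener.LocalEndpoint).Port;

        Task serverTask = Task.Run(async () =>
        {
            using (TcpClient conn = await listener.AcceptTcpClientAsync())
            using (var ssl = new SslStream(conn.GetStream(), false, (s, cert, chain, errors) => Pinned(cert, clientCert)))
            {
                // clientCertificateRequired = true: a peer without the pinned certificate never
                // completes the handshake, so no command from it reaches the protocol layer.
                // SslProtocols.None lets the OS choose its current TLS versions.
                await ssl.AuthenticateAsServerAsync(serverCert, true, SslProtocols.None, false);
                var reader = new StreamReader(ssl);
                var writer = new StreamWriter(ssl) { AutoFlush = true };
                string command = await reader.ReadLineAsync();
                string peer = ((X509Certificate2)ssl.RemoteCertificate).GetNameInfo(X509NameType.SimpleName, false);
                Console.WriteLine("server: '" + command + "' from " + peer + " over " + ssl.SslProtocol);
                await writer.WriteLineAsync(command == "REQUSER" ? "jdoe;Jane Doe" : "ERR unknown command");
            }
        });

        using (var tcp = new TcpClient())
        {
            await tcp.ConnectAsync(IPAddress.Loopback, port);
            using (var ssl = new SslStream(tcp.GetStream(), false, (s, cert, chain, errors) => Pinned(cert, serverCert)))
            {
                var options = new SslClientAuthenticationOptions
                {
                    TargetHost = "lab-server",
                    ClientCertificates = new X509CertificateCollection { clientCert },
                    // Offer our certificate regardless of the issuer list the server sends.
                    LocalCertificateSelectionCallback = (s, host, local, remote, issuers) => clientCert,
                };
                await ssl.AuthenticateAsClientAsync(options);
                var writer = new StreamWriter(ssl) { AutoFlush = true };
                var reader = new StreamReader(ssl);
                await writer.WriteLineAsync("REQUSER");
                Console.WriteLine("client: " + await reader.ReadLineAsync());
            }
        }
        await serverTask;
        listener.Stop();
    }
}
```

With the client certificate in place, the server learns which workstation is talking from ssl.RemoteCertificate rather than from a source address, which is the same property the UDP design needs and gets far more easily here: the TLS handshake has already done the authentication and replay protection that a datagram protocol has to build by hand.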
