Honeypot - R63, Java, Netty, BoneCP, etc.

DominicGunn · May 29, 2012

G33k said:
Stop asslicking

@Dom

How well will your security be, as in.
> SQLI
> Buffer Overflows.
> Remote Hijacks
> Bot's

> Entities are passed through a filter before being executed anywhere.
> Memory is being handled very carefully.
> Tickets are wiped on user login, any other defence is CMS. This project isn't for programming a CMS.
> Limited connections from a single IP. Automatic banning of IPs that exceed that limit.

TheEngineer · May 29, 2012

Awesome stuff, go and livestream some dev :>

El Jamie · May 29, 2012

DominicGunn said:
> Entities are passed through a filter before being executed anywhere.
> Memory is being handled very carefully.
> Tickets are wiped on user login, any other defence is CMS. This project isn't for programming a CMS.
> Limited connections from a single IP. Automatic banning of IPs that exceed that limit.

Judging from what you've said, it looks like this development looks like it has a good potential.

Jordan · May 29, 2012

G33k said:
As a professional Penentration Tester / Osint
i do securiteh

Pretty sure your 15....

Dom how are you limiting connections per IP? Guess you check on connection and just hang up?

DominicGunn · May 29, 2012

Jordan said:
Pretty sure your 15....

Dom how are you limiting connections per IP? Guess you check on connection and just hang up?

I plan to yeah. just going to try some private streaming and see how it goes. Might open it up to everyone eventually.

Jairo34 · May 29, 2012

Jordan said:
Pretty sure your 15....

Dom how are you limiting connections per IP? Guess you check on connection and just hang up?

You can do it vía UniqueMachineID if you wants to restrict clons, if not, you can initialize a Map in order to save IPs and compare it.

1ntel · May 30, 2012

DominicGunn said:
> Limited connections from a single IP. Automatic banning of IPs that exceed that limit.

Use the policy to restrict access and drop any connections that don't connect from the client is the best way of doing this than a connection limit.

Then you just need to have some code which monitors the rate of packets being send through the open connection and ban those IP's which exceed the rate to prevent any type of flooding.

Also will be very interesting to see how you handle the storing of Rooms and the initial loading of rooms. Don't do any of that rubbish where you store the current Room ID in the Player object, then calling a function in the Room Manager like "GetRoomFromId" then returning the loaded room, and having it called by every packet like "StartTyping, StopTyping, Shout, Whisper (every other room packet there is)".

Instead its always best to reference the room once you have loaded it and access the room directly through that reference, but remember to always null it once the player has left the room otherwise you'll end up holding reference to that room even when it has been "unloaded" (removed from the loaded rooms collection) and using up unnecessary memory. Easiest way would be to hold it as a WeakReference, and have a function like "GetCurrentRoom" to perform checks to see if the room has "gone away", which should never happen as you'd code it to remove the room when no players are in there anymore, so i'd make it throw an error just to make debugging easier.

But looks good so far

Leon · May 31, 2012

Any updates?

:

Livar · May 31, 2012

Finally some competition in the section, good luck to both of you.

Roper · Jun 1, 2012

How's this coming along Dom?

Makarov · Jun 2, 2012

Thread Closed on Request(?)

Welcome!

Honeypot - R63, Java, Netty, BoneCP, etc.

DominicGunn

Junior Spellweaver

TheEngineer

Creative One.

El Jamie

Na Nach Nachma Nachman Meuman

Jordan

Chasing 99 Red Balloons

DominicGunn

Junior Spellweaver

Jairo34

Newbie Spellweaver

1ntel

Experienced Elementalist

Leon

topkek amirite??

Livar

swagggggg

Roper

hi i'm robbie

Makarov

Ultra Light Beam

RaGEZONE Sponsor

About Us

Forum statistics

Partners