Menu
What are good programming practices in regards to blocking DoS attacks on a UDP client/server? The only thing that comes to mind at the moment is ignoring packets with the wrong sources, as such (using WinSock2):
if (oSourceAddr.sa_family == AF_INET) {
uSourceAddr = inet_addr(oSourceAddr.sa_data);
if (uSourceAddr == oCorrectDestAddr.sin_addr.S_un.S_addr) {
queueBuffer.push(std::string(aBuffer));
}
}
Attacks that are fast enough might cause this to block in a loop - especially if the packet size is small. Is there a way I can prevent packets from arriving from a certain source, or any source besides the correct one? What other things should I look out for? An explanation in code form would be especially helpful if the solutions are already built into the API.
388
Is there a way I can prevent packets from arriving from a certain source, or any source besides the correct one?
Yes. Just connect() the socket to that correct source. Then UDP will filter out all datagrams from other addresses. See man 2 connect, the paragraph about SOCK_DGRAM sockets.
173
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
