How the IP address is recognized in the Internet in multicast? - multicast

I am referring to "Broadcasting to Multiple Recipients" from Oracle Java Tutorial:
Both the server and the client use the group identifier to identify they belong to the same group.
But the group ID is likely to be duplicated in the Internet (and actually I googled and it is said the group identifier does not need to be unique).
Then how come the client on other side of the Internet can know it belongs to the same group of the server?
Would you give me some links to describe the process?
If server A multicasts audio streams, server B multicasts video streams.
Server A uses a group ID 203.0.113.0:4446
Server B happens to use the group ID 203.0.113.0:4446.
How come the clients in the Internet know the differences?
But since Server A does not know of the existence of Server B at all, A does not know how to choose a unique group ID, as the uniqueness in the IP address.
It seems I came across some articles talking about adding some MAC address.
But in the Oracle Java Tutorial, the coding for the client does not mention MAC address at all.

I don't know what you mean by 'reorganized' in your title, but the client doesn't 'know it belongs to the same group [as] the server'. It only knows that it belongs to the group defined by the IP address. If there are multiple hosts sending to that IP address it will receive from all of them.

Related

libp2p - How to discover initial peers?

In the bitcoin p2p core client, the initial peers are found, as stated, as:
When started for the first time, programs don’t know the IP addresses
of any active full nodes. In order to discover some IP addresses, they
query one or more DNS names (called DNS seeds) hardcoded into Bitcoin
Core and BitcoinJ. The response to the lookup should include one or
more DNS A records with the IP addresses of full nodes that may accept
new incoming connections. For example, using the Unix dig command
(https://en.wikipedia.org/wiki/Dig_%28Unix_command%29):
source: https://developer.bitcoin.org/devguide/p2p_network.html
Is the same approach required for libp2p for initial peer discovery? I was not able to find any tutorial which covers this information. I was hoping libp2p would handle this problem. Does the libp2p provide guidance or facilities for this?

Is there a RIGHT approach for securing data further by doing an IP match?

So here is an approach I was thinking of:
PROBLEM:
- After you have done everything possible to secure your servers and client app, I wanted to add an extra layer to make sure even if a user loses access to their data, they can only really affect their own little space in a shared database. (Obviously authentications are in place, but this is the basis of the authentication model.)
SOLUTION I HAD IN MIND:
- I wanted to add a "hidden" field that stores users' IP addresses.
This means when a user does the normal password and username entry, they also have to verify whether the machine they are using is their own, and thus we store that IP address by taking it from their request.
Later if they need to log in again they can, but if they want to retrieve data, the lookup on the router server will receive the IP from the request and add that onto the message as part of the filter parameters.
Once it queries the database if the combination of IP + data that users wants is found then it sends that back.
If a different IP is detected then no data exists in the server so nothing is sent back. This would initially be done on login and would trigger a mail to the user to verify the machine they are using is trusted.
Is there an easier way? Is this overegging?
Thanks,
Alex
Tried ip-request module in Express, works fine, but wanted to know if there was a potential security threat with the way I am using this and it will be implemented before proceeding.
First off, an IP address your server sees is often not the actual IP address of the computer the user is on because there is often a NAT device or proxy in between that maps a private network IP address of the user's machine to a public IP address for use on the internet. This would be true whether you were using a computer on your home network, using a computer at work, connected via WiFi at Starbucks, etc...
User Computer (private IP 192.168.1.x) => Gateway (some public IP address) => Your server
If the same computer connected to your server the same way over and over, it "might" be assigned the same public IP address every time it does so. But, in other circumstances it might not.
If the same computer is mobile at all (phone, laptop, tablet) and connects to the internet in different ways (WiFi, cellular), then it may show as a different IP address every time it connects from a different location.
So, in these days of lots of mobile devices and a user that may even access a service from more than one device, an IP address is just NOT a good measure of whether this is a risk or not.
Furthermore, in the case of shared NAT such as a WiFi hotspot or connecting from a corporate network, it's possible for lots of different users to all appear to be coming from the same public IP address.
I would not suggest using IP address at all as any security indicator. You will just get lots of false indicators of an invalid IP address that changed since last access and you may even get false positives where a different user appears on the same IP address as a legit user. In these days of NAT and mobility, there is no one-to-one correspondence between a public IP address and a user. Trying to pretend there is will cause all sorts of problems.
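The two failure modes described in this answer, shown by running the question's "IP must match the enrolled IP" rule over a login history. This is an added example, not code from the original posts; the events are constructed sample data and `evaluateIpPinning` is a hypothetical helper name.

```javascript
// Added example: evaluates an "IP must equal the enrolled IP" rule.
// Every event below is constructed sample data (documentation IP ranges).
const events = [
  { user: 'alice', ip: '198.51.100.7', note: 'home WiFi, enrolment' },
  { user: 'alice', ip: '198.51.100.7', note: 'home WiFi again' },
  { user: 'alice', ip: '203.0.113.40', note: 'phone on cellular' },
  { user: 'alice', ip: '192.0.2.15',   note: 'coffee-shop WiFi' },
  { user: 'bob',   ip: '192.0.2.15',   note: 'same coffee-shop NAT' },
  { user: 'carol', ip: '192.0.2.15',   note: 'same coffee-shop NAT' },
  { user: 'bob',   ip: '192.0.2.15',   note: 'same place, next day' },
];

function evaluateIpPinning(log) {
  const enrolled = new Map();  // user -> IP stored at first login
  const usersByIp = new Map(); // ip   -> Set of users seen behind it
  const rejected = [];         // legitimate requests the rule would refuse
  for (const e of log) {
    if (!enrolled.has(e.user)) {
      enrolled.set(e.user, e.ip);            // first login pins the IP
    } else if (enrolled.get(e.user) !== e.ip) {
      rejected.push(e);                      // same user, different network
    }
    if (!usersByIp.has(e.ip)) usersByIp.set(e.ip, new Set());
    usersByIp.get(e.ip).add(e.user);
  }
  // Addresses where the IP alone cannot tell users apart (shared NAT).
  const sharedIps = [...usersByIp]
    .filter(([, users]) => users.size > 1)
    .map(([ip, users]) => ({ ip, users: [...users].sort() }));
  return { rejected, sharedIps };
}

const report = evaluateIpPinning(events);
console.log('refused although legitimate:', report.rejected.map((e) => e.note));
console.log('IPs shared by several users:', JSON.stringify(report.sharedIps));
```
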

Keeping client identity anonymous from the server

I have multiple clients sending data to a central server. Is there a way I can ensure that the server get the data but in no way it can associate sender with the data.
If the clients are identified using IP address, then spoofing is a way to make sure that they are not traceable. To spoof, you need to identify the packets the client is sending to the server. In the network layer, you shall find the IP bits, which you need to replace (or remove, if it works).
(Use wireshark tool, it might be helpful)
Although, it shall still be considered a malpractice in the society. I sincerely advise you to contact the server administration, to discuss and put in place other security measures instead of spoofing.

nodejs get mac address of client

I created a TCP server using the net module in NodeJS and tried to get the MAC address info from each client to generate a uuid. However, in the Socket object, there is no information about it. Also I tried to read the MAC address from the ARP table, but it's not working either. Any other ways to figure it out?
Because the MAC address belongs to the layer 2 of the OSI layers you will not be able to access it unless you are in the same address space because it gets stripped out by routers.
Explanation
MAC address, belongs to layer 2 "Data Link Layer" of 7 OSI Layers. The clients' MAC addresses are only visible to the routers they directly connect to.
Routers will partially disassemble the packet to get at the layer 3 "Network Layer" headers in order to determine where the packet should be shipped, where IP address is being used.
Then, Layer 4, "Transport Layer", is where you're talking about specific protocols, like TCP.
Therefore, as a server, you CANNOT get the clients' MAC address unless you are connected to your clients in layer 2.
I did something similar before for classrooms in a production environment. In my case, I have access to all client machines. If you either have admin access to all clients or can pre-register the clients into your database somehow, you can do the following. If not, please ignore this answer.
Create another NodeJs program hosting a web service on the clients (don't forget to implement some kind of security). This program could be just a simple ExpressJs with the getmac node module.
Register all IPs or domain names of the clients in the server database. This could be manual or, in my case, when a client is turned on it automatically sends a request to the server to register itself. (Implement client-server validation if needed.)
When the server needs the MAC from a client, the server app sends a request to each pre-registered client to get its MAC address or any other information the server needs from clients.
Net client in node js does not provide the MAC address. You have the choice between:
1- sending the MAC yourself: I mean, on the client side you send the MAC address as data when you establish the connection with the server.
2- use socket.io instead of net. It will afford you all the information you want

Security about creating a server on client side on the fly

I have a security question about games and network.
Today most games (like Call of Duty) use an 'on client side host' server system. So for some time, one client becomes the host of the game. I'm looking for some resources on how to do this properly (in a technical and safe way) because I'm working on a project like that.
But for now the only solution I found is to share the IP address of my host clients with other guest clients. And I'm not proud of this. So I am looking for a method or technology like IP masking or other stuff like that which would protect my customers from other malicious customers that could retrieve the IP of my customers and maybe hack them?
EDIT:
But what I'm asking is if there is any solution like services like on the fly subdomains redirections with parameters for connecting to specific clients or anything like that? I mean
subdomain.mygame.com/clientname
If you want true peer-to-peer connections in your game there is no way around sharing the IP address. After all if they are to talk with one another then they need to know how to reach the others.
Alternatively you can route all their traffic through your server and each client connects to it independently. That way they do not have to know any information about each other except your in-game user id.
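A sketch of the relay alternative from this answer: every client connects to the server, and messages are forwarded by in-game user id, so no player's address reaches another player. This is an added example, not code from the original posts; `GameRelay`, the room names and the fake sockets are hypothetical, and the addresses are constructed documentation-range values.

```javascript
// Added example: relay that addresses players by in-game user id only.
// A "socket" here is any object with write(string); remoteAddress stays
// in the server's table and is never copied into an outgoing message.
class GameRelay {
  constructor() {
    this.players = new Map(); // userId -> { socket, remoteAddress, room }
    this.rooms = new Map();   // room   -> Set of userIds
  }
  join(userId, room, socket, remoteAddress) {
    if (this.players.has(userId)) throw new Error('user id already connected');
    this.players.set(userId, { socket, remoteAddress, room });
    if (!this.rooms.has(room)) this.rooms.set(room, new Set());
    this.rooms.get(room).add(userId);
  }
  leave(userId) {
    const p = this.players.get(userId);
    if (!p) return;
    const members = this.rooms.get(p.room);
    members.delete(userId);
    if (members.size === 0) this.rooms.delete(p.room);
    this.players.delete(userId);
  }
  // Forward payload to everyone else in the sender's room; returns the count.
  relay(fromUserId, payload) {
    const sender = this.players.get(fromUserId);
    if (!sender) throw new Error('unknown sender');
    // The envelope is built from scratch: user id and payload, nothing else.
    const line = JSON.stringify({ from: fromUserId, payload }) + '\n';
    let delivered = 0;
    for (const id of this.rooms.get(sender.room)) {
      if (id === fromUserId) continue;
      this.players.get(id).socket.write(line);
      delivered++;
    }
    return delivered;
  }
}
// Constructed demo: fake sockets record what each client would receive.
function fakeSocket() { const out = []; return { out, write: (s) => out.push(s) }; }
function demo() {
  const relay = new GameRelay();
  const host = fakeSocket(), guest = fakeSocket(), other = fakeSocket();
  relay.join('host42', 'match-1', host, '198.51.100.7');
  relay.join('guest7', 'match-1', guest, '203.0.113.40');
  relay.join('solo9', 'match-2', other, '192.0.2.15');
  const delivered = relay.relay('host42', { type: 'state', tick: 1 });
  return { delivered, guestSaw: guest.out.join(''), otherSaw: other.out.join('') };
}
console.log(demo());
```

In a real server the `socket` and `remoteAddress` arguments would come from the accepted connection; the cost of this design is that all game traffic passes through the server.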
