How to connect to socket using encrypted password or another way (Client). RRS feed

  • Question

  • My client connects to a server with IP, using this way:

    public static Socket _clientSocket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);

    _clientSocket.Connect(IPAddress.Parse(""), 11525)

    In C# everyone can see the source code of your application, so the idea is creating an encrypted password that will be sent to the server. The problem is that even if I encrypt the password, when someone sees the source code they can send the encrypted password too. is there a way to make it impossible for the client to see the encrypted password?

    If I will try to hide the IP address from the clients they will be able to track it using cmd or other network applications.

    What is the best way to make it impossible or at least harder for clients to connect to socket? I am not using DNS, just IP address. 

    Thanks in advance

    • Edited by Nakash10 Monday, January 14, 2019 10:00 AM
    Monday, January 14, 2019 9:37 AM

All replies

  • It doesn't matter about the source code. All I have to do is sniff your network and see the same thing. So no you cannot prevent someone from seeing your encrypted password. Doesn't matter about the source code. If you want truly encrypted communication then you'd need to switch to HTTPS or something but that isn't going to work for a TCP server.

    If you want to limit connections to your server then why not just do IP filtering or something? It is pretty straightforward. Of course it can be spoofed but on a single network it shouldn't be an issue.

    Michael Taylor http://www.michaeltaylorp3.net

    Monday, January 14, 2019 3:13 PM