如何保护socket免受dos攻击 [英] How to protect socket against dos attack
问题描述
我正在学习csharp并有一个问题:
我的问题是关于处理接收套接字。
我使用backgroundworker类进行多线程处理。
在doWork事件中有一个使用阻塞接收方法的while循环。
一次收到的字节被传递给reportProgress方法。
ProgressChanged事件处理程序将字节转换为字符串,并使用此字符串更新用户界面(将其附加到文本框) )。现在我不关心消息框架。
我的问题:
我写了一个单独的测试程序,它发送了大量的数据给我的程序,它发送一个长度为3000的字符串并执行1000次。
接收程序没有响应。我可以通过在接收循环中使用thread.sleep(10)来解决这个问题。但这并不感觉正确,感觉就像是黑客。
因此瓶颈是用户界面(对吗?)它无法足够快地处理所有reportProgress事件。
如何处理?我应该检测到这种洪水袭击吗?然后关闭连接?在正常情况下,洪水无法发生,必定是攻击。我只是好奇如何保护我的应用程序,它仅用于学习目的。
Hi,
I am learning csharp and have a question:
My question is about handling a receiving socket.
I use the backgroundworker class for multithreading.
In the doWork event there is a while loop that uses the blocking receive method.
Once bytes are received they are passed to the reportProgress method.
The ProgressChanged event handler will convert the bytes to a string and will use this string to update the user interface (append it to a textbox). For now i do not concern with message framing.
My problem:
I wrote a seperate test program that sends massive amounts of data to my program, it sends a string of length 3000 and does this 1000 times.
The receiving program becomes unresponsive. I can overcome this by using thread.sleep( 10 ) in the receive loop. But this does not feel "right", it feels like a hack.
So the bottleneck is the user interface (right?) it can not handle all the reportProgress events fast enough.
How is this handled ? should i detect such an "flood attack" and then close the connection? In a normal situation there is no way a flood can happen it must be an attack. I am just curious in how to protect my application, it is just for learning purposes.
推荐答案
并将使用此字符串用于更新用户界面(将其附加到文本框)。
and will use this string to update the user interface (append it to a textbox).
停在那里。直接将套接字代码绑定到用户界面控件意味着您无法将此套接字转换为可以在以后轻松重用的自包含类。毕竟,一旦你得到了这个错误,你不想将其复制/粘贴到其他所有程序中吗?将它放入工具箱中的用户控件或个人命名空间的一部分会更好,因此您只需要在所有应用程序中使用一个套接字处理类。
尝试使用套接字处理程序使用新文本引发事件。
让表单订阅套接字类NewTextEvent
然后当表单''听到''套接字类''大喊''我有新的xxxxx文本它可以反应表格的正确性。也许就是将它放入文本框中。也许是为了解析文件名并加载它。也许是将它记录到文本文件中。
重要的是套接字类不需要知道或关心什么形式正在听它,或他们将如何处理数据。它只是听取信息,并在一个事件中大喊大叫。 - 监听类(表单)对套接字的了解并不多:它们只有一行可以将它们订阅到套接字类。当您在6个月内创建更好的套接字类时,每个与之关联的程序都会自动获得改进,而无需返回并复制/粘贴/自定义。
Stop there. Directly tying your socket code to your user interface controls means you won''t be able to turn this socket into a self-contained class that you can easily re-use later. After all, once you get the bugs worked out of this you don''t want to have to copy/paste this into every other program do you? Its a lot nicer to be able to put this into a user control in your tool box, or part of your personal namespace so you only have one socket handling class that you use in all your applications.
Try having the socket handler raise an event with the new text.
Have your form subscribe to the socket class "NewTextEvent"
Then when the form ''hears'' the socket class ''yell'' "I have new text of xxxxx" it can react how is correct for the form. Maybe that is to put it into a textbox. Maybe it is to parse it for a file name and load it. Maybe it is to log it to a text file.
The important thing is that the socket class doesn''t need to know or care about what form(s) are listening to it, or what they will do with the data. It just listens for information, and yells it out in an event. - The listening classes (forms) don''t really know that much about sockets: They just have one line that subscribe them to the socket class. When you create a better socket class in 6 months every program that is tied to automatically gets the improvements without you having to go back and copy/paste/customize.
我可以通过在接收循环中使用thread.sleep(10)来解决这个问题。但这并不感觉正确,感觉就像是黑客。
I can overcome this by using thread.sleep( 10 ) in the receive loop. But this does not feel "right", it feels like a hack.
Thread.sleep很少是正确的。如何为此设置实际代码,以便我们可以看看?当你的套接字类从你的UI表单中解开时,它也可能会自动清除。
Thread.sleep is rarely the right thing. How about putting up the actual code for this so we can take a look? Its also possible that when your socket class is unhooked from your UI form that this will clear itself up.
感谢您的回复,
我已经考虑过重用了:)
你说我已经完成了什么,我创建了一个类来触发我自己的事件:( ConnectionFailed,ConnectionSucceeded,ReceivedData,StoppedReceiving等)
很抱歉没有提到
代码来回应ReceivedData事件:(在表单中)
Thanks for your response,
I have thought about reuse :)
What you say I have allready done, i made a class that fires my own events: (ConnectionFailed, ConnectionSucceeded, ReceivedData, StoppedReceiving, etc)
Sorry for not mentioning that
code to react to "ReceivedData" event: (in the form)
这篇关于如何保护socket免受dos攻击的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
