This week's book giveaway is in the Mac OS forum.
We're giving away four copies of a choice of "Take Control of Upgrading to Yosemite" or "Take Control of Automating Your Mac" and have Joe Kissell on-line!
See this thread for details.
The moose likes Sockets and Internet Protocols and the fly likes Secure Socket + Client Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » Sockets and Internet Protocols
Bookmark "Secure Socket + Client" Watch "Secure Socket + Client" New topic
Author

Secure Socket + Client

john price
Ranch Hand

Joined: Feb 24, 2011
Posts: 495

I have a client and server program. It runs perfectly fine. I am worried about hackers. So far, I have placed all the restrictions and code on the clients. I now realize that if a hacker made his own program, he would be able to do some things that he shouldn't be able to do. What is the best way to create a secure socket + client?
One of the way I had previously thought of is to create a single, random 20 character string. When the server receives a message, it should check for that string. If it was a match, first takes off the first 20 characters, and then sends the message. If it wasn't, it doesn't. How secure is this system?
Thanks,
John Price aka cc11rocks


“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” (Mosher's Law of Software Engineering)
“If debugging is the process of removing bugs, then programming must be the process of putting them in.” (Edsger Dijkstra)
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42053
    
  64
I assume you have implemented authentication (like username/password) and encryption already? That's where I would start.


Ping & DNS - my free Android networking tools app
Rob Spoor
Sheriff

Joined: Oct 27, 2005
Posts: 19697
    
  20

SSLSocketFactory
SSLServerSocketFactory

That's where I'd start.


SCJP 1.4 - SCJP 6 - SCWCD 5 - OCEEJBD 6
How To Ask Questions How To Answer Questions
 
GeeCON Prague 2014
 
subject: Secure Socket + Client