Remoting Security

From: kivancturkees@xxxxxxxxx
Date: 28 Dec 2006 04:20:24 -0800

Hi,

I have a client/server pair which use .Net Remoting. I make remoting
classes another project and compile it as DLL. It works fine but I have
some doubts about security.

When I use a network sniffer to catch the network packets, I can see
the namespace, class name, name of method and all parameters which are
used to call that method very easily.

My first question is What kind of security should I implement to
prevent this? ( or at least it is possible)
Also Can someone who doesn't have my DLL but knows the class name,
method name and parameter list call my remote method? If it is possible
how can I prevent it?

Thanks,
Kivanc

.

Prev by Date: Re: Remoting Problem
Next by Date: Error with .Net Runtime 2.0 on Windows Service
Previous by thread: Passing an object reference back from a COM+ hosted object
Next by thread: Error with .Net Runtime 2.0 on Windows Service
Index(es):
- Date
- Thread

Relevant Pages

Re: .NET Security
... Does this suggest that the programming attributes and/or code groups will be applicatable now? ... I "presumed" that from a sandboxing and security separation standpoint that installing our own code group would be the suggested method to isolated it. ... I'll written a .NET SDK API class library DLL wrapping our native WIN32 API and have written new clients, some VB6 ports to .NET as well, using the new .NET DLL. ... Dim ms As MEMORYSTATUSEX ...
(microsoft.public.dotnet.security)
[NT] Sybase xp_freedll Buffer Overflow
... Beyond Security would like to welcome Tiscali World Online ... Xp_free accepts a single parameter that is the name of the DLL to free. ... memory buffer. ... This memory copy results in the stack and the stack pointer ...
(Securiteam)
New Tools from Imperva ADC
... Imperva's Application Defense Center has released two new security ... This can be useful for identifying a dll that is related ... existance of an encryption key inside an executable file (based on Adi ... Shamir's "Playing hide and seek with encryption keys"). ...
(Pen-Test)
Re: Access is denied accessing VB6 dll through RCW
... Try to turn the security audit on in the Local Security Policy console, and then tune auditing of all access failures for the folder in which the COM DLL resides. ... I'm having trouble using a RCW for a dll I created, ... When I turn impersonation off, ...
(microsoft.public.dotnet.framework.interop)
Re: Explorer Toolbar
... Microsoft Online Partner Support ... I think we need to use the Keyboard hook. ... Yes, because every IE is a standone process, so the dll is loaded in every ... Here is a link about .NET remoting, ...
(microsoft.public.dotnet.framework.windowsforms)