Simple security mechanism, To ensure unwanted users to not get access to amip |
Simple security mechanism, To ensure unwanted users to not get access to amip |
uplate |
Nov 4 2007, 05:38 PM
Post
#1
|
Member Group: Members Posts: 21 Joined: 10-October 07 Member No.: 391 |
Hey Serge,
I was wondering if there is currently a way or if it is part of future plans to implement a simple security mechanism. I don't want unwanted requests to my AMIP server or to my ClientService implementation. I realize this is not a problem for most people as they probably use both the client and server components within a single, close network. However, I am likely to use AMIP on one network and the client on another, meaning communications will occur through unsecured paths, and I will have to expose the necessary server ports to WAN. I was thinking perhaps an authentication method could be added to both the AMIP MyService and client ClientService, perhaps something like: CODE RCF_METHOD_V1(void, authenticate, std::string ); And it could be toggled at both endpoints (amip configurator, ac.dll) to require authentication or not. Although I think this would require rewriting of amip to return an error if exec,eval,etc. are attempted prior to successful authentiation... For now, I will just bind the servers on non-default ports, or tunnel the traffic through SSH :-P. Thanks, Max |