Login  
Search All Forums
Dart Home | PowerTCP Server for ActiveX | Custom Development Reply | PowerTCP Server for ActiveX Topics | Forums   
AuthorForum: PowerTCP Server for ActiveX
Topic: Secure Server getting hacked
BobWaitz
bobw@mhccom.com

From: Burnsville, MN USA
Posts: 12
Member Since: 01/09/06
posted January 9, 2006 6:39 PM

I have an application written with the Secure Server in VB. This application listens on a port and responds to another VB program's requests. This works great at all but one of my clients. Every few days my program just stops responding. I suspect someone is trying to hack into their system because a traffic log on my port shows someone sending QUIT, PASV, and PASS commands. I'm looking at my VB code to try to ignore and reject bogus data but I'm wondering if they are managing to mess up the control in a way that I can't prevent. Outside of recongnizing bad data as it comes across the port, can you offer any suggetions on defeating this sort of attack?

Bob
Tony Priest



From: Utica, NY USA
Posts: 8466
Member Since: 04/11/00
posted January 10, 2006 8:59 AM

We supply events for all the commands, so I guess you could keep track of what commands a session is sending and then kill the session if you don't like them.

Can you post a section of your log where you suspect the hacking is being done? Maybe I can get idea from that.
BobWaitz
bobw@mhccom.com

From: Burnsville, MN USA
Posts: 12
Member Since: 01/09/06
posted January 13, 2006 5:38 PM

Well, after 2 days working with the packet sniffer I've determined that all instances of the bytes reading PASV, LIST, QUIT and CWD in the logs is text that is within the ACK packets back from my server. Dang, I really thought I was on to something there. The thing that's really odd, is that there was no packet activity around the time things went out.

Reply | PowerTCP Server for ActiveX Topics | Forums   
This site is powered by PowerTCP WebServer Tool PowerTCP WebServer for ActiveX