Jim Campbell wrote: > Anyone transmitting un-encrypted data across a world wide > internet needs to think ahead a little. Every hacker will be > rubbing their hands with glee before trying to hit you on these > ports you have just announced. > [...]
This really isn't much of an issue. The attack you posit is requires a man in the middle, and this is a very rare failure mode -- it essentially requires a compromised router somewhere between the client and server. It's very much not a script kiddy kind of attack; the "announcement" you mention requires elaborate preparation and a special case vulnerability to detect. > Maybe I am paranoid (well known for it in my previous job!) but > a denial-of-service attack on your multi-player ports will soon > wreck your response times! No one is going to care about DoSing a single FlightGear multiplayer client or server. There's no payoff there for the attacker. The scarier doomsday scenario would be a bug in the MP code (on either side) allowing an attacker to compromise the affected machines. But this is a problem for almost all network software, and can be productively treated by careful coding. There's a *lot* of unencrypted UDP software out there. If you *really* want to avoid having unencrypted packets going over the public internet, you can always do it over an encrypted tunnel (IPsec, VPN, ppp-over-ssh, etc...) without changing the current code at all. Andy _______________________________________________ Flightgear-devel mailing list Flightgear-devel@flightgear.org http://mail.flightgear.org/mailman/listinfo/flightgear-devel 2f585eeea02e2c79d7b1d8c4963bae2d