Server Help

Misc User Apps - Is it hard to make a chat client?
Quan Chi2 - Sat Jul 16, 2005 10:31 pm
Post subject: Is it hard to make a chat client?
Is it? And about how long would it take to finish coding it if you spend 2 hours on it a day?
CypherJF - Sat Jul 16, 2005 11:13 pm
Post subject:
Anything isn't difficult if you know how to do it. icon_wink.gif

In my opinion, using the new ASSS simple chat protocol, it's not very difficult at all. The VIE eq. (subchat) takes a bit more work.
Dr Brain - Sun Jul 17, 2005 12:13 am
Post subject:
http://www.sscx.net/hyperspace/chat.html

I've been working on that in my spare time. It's not finished, but it wasn't especially hard. Just a lot of detail work.
Anonymous - Sat Aug 27, 2005 12:00 pm
Post subject:
that is really nice... what about the security though ?:/ can i safely use my main nick on it : )

also what if someone does cross zone spamming through it and should be banned.. then what tongue.gif?
Muskrat - Sat Aug 27, 2005 12:08 pm
Post subject:
You do the same thing you would do on any other client?
Dr Brain - Sat Aug 27, 2005 1:38 pm
Post subject:
They can still be banned.

Your password is sent in plaintext across the internet with all of the chatnet clients. I don't think it's a big deal to do it like this, because anyone with access to your packets could steal your password with subspace too.
Donkano - Sat Aug 27, 2005 5:11 pm
Post subject:
You should MD5 hash it so then people have someone to blame. tongue.gif
Solo Ace - Sat Aug 27, 2005 5:55 pm
Post subject:
Then the MD5 hash would be sent to the biller how?

I think this is the wrong forum for threads like these, but whatever.
Mr Ekted - Sat Aug 27, 2005 6:11 pm
Post subject:
Donkano wrote:
You should MD5 hash it so then people have someone to blame.


People think encryption and hashing solves all problems without even understanding the issue.

The client sends SOMETHING to the server to login. The server makes sure that SOMETHING is correct. Anyone who can see the packet can see that same SOMETHING and send it themselves. It doesn't matter if it's plaintext or encrypted or hashed or whatever.
Bak - Sat Aug 27, 2005 6:52 pm
Post subject:
what if the server sent a random string, that was tacked onto the end of the password and then hashed, so a different hashvalue would be required every time you log in?
Mr Ekted - Sat Aug 27, 2005 7:44 pm
Post subject:
Then the "man in the middle" could see that hash and reply likewise. You still can't un-hash the password on the server, so the stored result would be meaningless.
Bak - Sun Aug 28, 2005 2:42 am
Post subject:
when you create an account or change the password the actual value would be sent to the billing server, but when you login the biller would tell the client the random string to tack on to the end, and compare the hash sent to what it should be, so that unless you catch the password when the account is being created or password is being changed, you have no way of finding out what it is. You don't need to un-hash the password on the server's side, just compute what the hash should be and compare the hashes.

A man in the middle would not be able to get your password for future use, only for that session.
Dr Brain - Sun Aug 28, 2005 9:47 am
Post subject:
That would require client, server and biller changes. You can be darn sure that it will never happen.
Bak - Sun Aug 28, 2005 2:16 pm
Post subject:
chatnet clients can be changed, so can ASSS, and so can some open source billers
Mr Ekted - Sun Aug 28, 2005 4:32 pm
Post subject:
You are correct Bak. However, if the "hacker" viewed the initial password exchance then he would be able to login as normal. This solution effectively narrows the window of opportunity.
Quan Chi2 - Fri Sep 16, 2005 4:45 pm
Post subject:
do you need to pay for anything to do all of this?
Bak - Fri Sep 16, 2005 7:16 pm
Post subject:
(shakes head) what? pay who?
Purge - Fri Sep 16, 2005 11:34 pm
Post subject:
Yeah, you can pay me.
Quan Chi2 - Sat Sep 17, 2005 11:40 am
Post subject:
I don't know.. to connect everyone
SamHughes - Sat Sep 17, 2005 5:00 pm
Post subject:
Chatnet operates via a parallel universe where bandwidth is free.
Quan Chi2 - Thu Sep 22, 2005 3:37 pm
Post subject:
lol parallel universe lol

Sounds so Twilight zone.. lol
All times are -5 GMT
View topic
Powered by phpBB 2.0 .0.11 © 2001 phpBB Group