Java Server/Client + Server Firewall Safety

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Valignus2010

Thread Starter
Joined
Aug 27, 2010
Messages
6
Hi I'm working on a client/server with the Java programming language and trying to figure out how to protect my server. With my current Virus/Firewall protection suite theres nothing I can do to keep out unwanted Java applications on the port I choose to allow the Java SE Binary through for clients accessing the server application. ESET Smart Security 4 is what I am using. Does anybody know of a security suite that would allow only a specific Java application to get through the firewall? I'm not to sure on this subject because my firewall is identifying any Java application as only the "Java SE Binary" and not I'm sure if you can even really name your Java application like you would something you would write in C++. Any information would be appreciated, thank you.
 
Joined
Sep 21, 2007
Messages
11,983
You could set the server to query the client for some sort of ID. And drop the session when the reply doesn't match.

The best defence for internet based server applications is validation, validation and more validation of ALL user supplied data.
 

Valignus2010

Thread Starter
Joined
Aug 27, 2010
Messages
6
Yeah that will work for a program connecting to the java server application, but doesn't really secure the rest of the open port from another java application accessing the rest of my Java SE Binary does it?.

My understanding is that when I create a rule on my ESET Smart Security Firewall, for the Java SE Binary, any Java program can access the Java Virtual Machine running on my system through that port and do anything that it wants, and Java allows.

I do not think that I can make the server application catch all connections if they are not directed at the specific server application.
 
Joined
Sep 21, 2007
Messages
11,983
I think Java JVM itself does not react to anything on any port. Only your java program does, on a certain port that you choose. I don't think anything can touch the Java JVM directly through the port chosen for your server app.

In other words, your server program is holding on to that open port, and all interactions with that port is defined in your server program. Any other Java program which tries to interact with that port Has to work through your server program.
 

Valignus2010

Thread Starter
Joined
Aug 27, 2010
Messages
6
If that is the case, then I'll be a lot better off when I add secure sockets. Thanks for the replies! :)
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top