Forum General General flash security - IP spoof, man-in-middle

Any issues or discussions relating to Flash development are welcome here.

General flash security - IP spoof, man-in-middle

Postby Breaker » January 19th, 2012, 8:14 pm

Is there any built-in security/encryption for flash Player.IO or TCP protocols in general? I'm just wondering if I need to worry about my game being susceptible to IP address spoofing. For example;
  • If some one were to spoof their IP to get admin access and forward packets to their real IP.
  • Player A is standing next to player B in the game world. Player B uses a man-in-the-middle attack to send a false packet to the server. The server sees the "drop item" packet being sent from what appears to be player A's IP address. Player A drops his item and has no idea why. Player B snatches the item and quickly logs off.
User avatar
Breaker
 
Posts: 4
Joined: January 19th, 2012, 7:27 pm

Re: General flash security - IP spoof, man-in-middle

Postby Toby » February 6th, 2012, 2:39 am

As in, the client sending packets with an altered source IP? Wouldn't they need the sequence number for that to work?
User avatar
Toby
 
Posts: 86
Joined: January 14th, 2010, 4:01 pm


Return to General