Wp7 to WinRT: StreamSocket and network adapter preference - c#

I am working on porting a Windows Phone application to Windows 8 Metro, using the WinRT API. It is a networking app that makes use of sockets on arbitrary ports (different servers use different ports). On the Wp7 platform, I am able to set both requirements and preferences on which network connection type to use when opening up a socket connection. For instance, by default the socket will only connect on WiFi and not the cellular data connection to protect the user from unexpected data use, but the user can not only set it to use the cellular connection, but to use it even if they are connected to wifi. This is useful for instance if the user is on a corporate network behind a firewall using a wifi connection, but the server or port they want to connect to is blocked by the corporate firewall. In this case, the user can tell my app to use the cellular data connection even while connected to WiFi, so that the connection can go through.
So far, on WinRT, I have only been able to get information about the currently active internet connection, and to enumerate through each connection. I don't know, however, how to tell a StreamSocket to prefer connecting via an alternate data connection from the currently active one or if this is even possible. Without this capability, the network firewall scenario above will not be possible from the app's end. The user would have to go to system settings and disable wifi just to work with my app. This is not ideal - my users on Windows Phone love the ability to set this preference without turning wifi on or off.
Is there a method of setting a network adapter preference programmatically in WinRT the way it can be done in WP7?

Judging from the (preliminary) documentation, I don't believe it's possible to do this using the standard APIs, without digging deeply into how sockets are instantiated in WinRT - that is, without doing stuff that would get your app disqualified from the Store anyway.
The whole point of the new and redesigned networking APIs is to allow the user (well, and Windows itself) to set the current connectivity options to how they want them, and allow your app to adapt its network usage patterns to the current capabilities of the network.
Arguably, it is a step back from what was available on WP7. But the argument here is to let the system and the user choose what's more correct at this moment, and have apps adapt to that, instead of having the apps come up with logic for what network interface to use.
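Following the answer's advice to adapt to the connection Windows has chosen rather than pick an adapter, here is an added example (not code from the question or the answer) that checks the active connection profile's cost before opening a StreamSocket, which covers the original concern of protecting the user from unexpected cellular data use. It uses the Windows.Networking.Connectivity APIs; the `allowMetered` flag stands in for an app setting where the user opts in to metered use and is an assumption of this example.

```csharp
using System;
using System.Threading.Tasks;
using Windows.Networking;
using Windows.Networking.Connectivity;
using Windows.Networking.Sockets;

// Added example: gate socket connections on the cost of the connection Windows
// currently uses, instead of trying to force a particular adapter.
public static class ConnectionGuard
{
    // allowMetered is an assumed app setting: the user has opted in to paying for data.
    public static bool ShouldConnect(bool allowMetered)
    {
        ConnectionProfile profile = NetworkInformation.GetInternetConnectionProfile();
        if (profile == null ||
            profile.GetNetworkConnectivityLevel() != NetworkConnectivityLevel.InternetAccess)
        {
            return false; // no usable internet path at all
        }

        ConnectionCost cost = profile.GetConnectionCost();

        // Never add traffic when the user is already over a data cap.
        if (cost.OverDataLimit)
            return false;

        // Anything other than an unrestricted, non-roaming link counts as metered.
        bool metered = cost.NetworkCostType != NetworkCostType.Unrestricted || cost.Roaming;
        return !metered || allowMetered;
    }

    public static async Task<StreamSocket> ConnectIfAllowedAsync(string host, string port, bool allowMetered)
    {
        if (!ShouldConnect(allowMetered))
            throw new InvalidOperationException("Connection blocked by the app's data-cost policy.");

        var socket = new StreamSocket();
        await socket.ConnectAsync(new HostName(host), port);
        return socket;
    }

    // Re-evaluate the policy whenever Windows switches connections (e.g. WiFi to cellular).
    public static void WatchForChanges(Action<bool> onPolicyChanged, bool allowMetered)
    {
        NetworkInformation.NetworkStatusChanged += _ => onPolicyChanged(ShouldConnect(allowMetered));
    }
}
```

The check is a point-in-time decision: the profile can change while a socket is open, so the NetworkStatusChanged subscription is what lets the app notice that it has silently moved onto a metered link.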

Related

How do I determine if a connected socket uses IPSec?

I am working on a Windows server application that will transfer sensitive information to another Windows server over a socket using an HTTPClient. The servers are supposed to be configured to use IPSec. So yay, I don't have to do anything to set up the secure connection at the application level. However, I have been instructed to ensure that the connection is using IPSec and abort if it is not.
How can I programmatically determine if the connection is indeed secured with IPSec? The application is C#, on Windows Server 2016. I am open to P/Invoke based solutions or C code if that is required to make this work. So long as it can ultimately work with a C# HttpClient class.
It is not the application's concern and can't be done. The tunnel is transparent to application level users of the network stack. If you want the application to ensure that the connection is encrypted and authenticated, use TLS. Otherwise it is up to the network/system administrators to make sure that policies are set up so that only ipsec traffic is allowed.
Imagine that you figure out a way to ensure that the tunnel is set up by interrogating the OS in some way. And then in 2 years the system needs to be scaled up and IPSec termination is moved to dedicated hardware. Oops.
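As an added illustration of the answer's "use TLS" advice (this is example code, not from the question or answer), the following makes the application itself responsible for the guarantee it was asked for: every request must go over HTTPS, TLS 1.2 is required, revocation is checked, and the server's leaf certificate is pinned to a thumbprint provisioned out of band. `ServerCertificateCustomValidationCallback` and `SslProtocols` on HttpClientHandler are available in .NET Framework 4.7.1+ and .NET Core; the thumbprint value is a placeholder.

```csharp
using System;
using System.Net.Http;
using System.Net.Security;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;

// Added example: enforce transport security in the application with TLS and
// certificate pinning, instead of trying to detect IPsec underneath the socket.
public static class SecureClient
{
    // Assumed: the expected server certificate thumbprint, provisioned out of band.
    private const string ExpectedThumbprint = "<SERVER-CERT-THUMBPRINT-PLACEHOLDER>";

    public static HttpClient Create()
    {
        var handler = new HttpClientHandler
        {
            SslProtocols = SslProtocols.Tls12,               // refuse older protocol versions
            CheckCertificateRevocationList = true,            // fail closed on revoked certs
            ServerCertificateCustomValidationCallback = ValidateServer
        };
        return new HttpClient(handler);
    }

    private static bool ValidateServer(HttpRequestMessage request, X509Certificate2 cert,
                                       X509Chain chain, SslPolicyErrors errors)
    {
        // Standard chain and hostname validation must pass first...
        if (errors != SslPolicyErrors.None || cert == null)
            return false;

        // ...and the leaf must be the exact certificate we provisioned (pinning).
        return string.Equals(cert.Thumbprint, ExpectedThumbprint, StringComparison.OrdinalIgnoreCase);
    }

    public static async Task<string> FetchAsync(string url)
    {
        var uri = new Uri(url);
        if (uri.Scheme != Uri.UriSchemeHttps)
            throw new InvalidOperationException("Refusing to send sensitive data over plain HTTP.");

        using (HttpClient client = Create())
        {
            HttpResponseMessage response = await client.GetAsync(uri);
            response.EnsureSuccessStatusCode();
            return await response.Content.ReadAsStringAsync();
        }
    }
}
```

Because the validation callback returns false, a mismatch is surfaced to the caller as an HttpRequestException from GetAsync, which is the "abort if not secured" behaviour the question asked for, now independent of whatever the network layer does with IPsec.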

C# TCP Server-Socket Security with PLC

I used this MS link to put together a TCP server in C# on a PC. I'm holding the port open and waiting for connections to be established by various PLC clients. The PLCs are in moving autonomous bots, so they move in and out of Wi-Fi range. I'm using this setup to acquire running variables (battery %, etc.) from the bots and display them in a UI for the system administrator to monitor.
I set up the router with port forwarding so that the data arrives on the server PC from the various clients. I'm using Siemens S7-1200 PLCs and I don't believe that they support high end security features like PCs.
So my question is this, if the admin PC is running a Windows service that constantly monitors the open port then is there a security risk? And if there are risks, can you please explain and support with links or resources to help me patch these holes (in C#)?
It seems safe to me because if the PC is off, the port is closed. If the PC is on, the port is open but is bound to the application monitoring it. If the port receives something that it does not deem valid it just dumps that data. I am not incredibly knowledgeable on software and PC security, but this is slightly different because it is a single PC interfacing with less capable hardware.
Having a port open exposes you to anyone connecting to that port and providing bad information, exposing a vulnerability on your message parsing and socket handling implementation (buffer overflow or script injection), or just swamping your application with traffic. The last one is almost impossible to protect against, someone can always DOS you at some level.
None of these are unexpected risks, but you need to be aware of them and ensure that you properly scrub incoming traffic to reject malformed requests and somehow authenticate and drop connections that aren't from the bots you expect.
If you do make an authentication step, you'll want to encrypt the channel before authentication using something like SSL or SSH. Otherwise, someone else could watch your traffic, observe the authentication transaction, and then just copy it.
Best of luck! Security is a deep rabbit hole, but a very valuable skill!
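To make the answer's three recommendations concrete (validate incoming data, authenticate the bots, encrypt before authenticating), here is an added example of a TLS-wrapped TcpListener; it is not code from the question, the answer or the linked MS sample. The server requires a client certificate and passes it to an allow-list check, and reads a simple length-prefixed telemetry frame with a hard size cap so a malformed length field cannot drive a large allocation. The 2-byte frame format, the `isKnownBot` delegate and the battery-byte interpretation are constructed for this example; whether the PLCs in question can present a client certificate is a separate matter the question itself raises.

```csharp
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;

// Added example: TLS listener with mutual authentication and bounded frame parsing.
public class BotTelemetryServer
{
    private const int MaxFrameBytes = 4096;                   // telemetry is tiny; cap it
    private readonly X509Certificate2 serverCert;             // assumed: loaded from the machine store
    private readonly Func<X509Certificate2, bool> isKnownBot; // assumed: allow-list of bot certificates

    public BotTelemetryServer(X509Certificate2 serverCert, Func<X509Certificate2, bool> isKnownBot)
    {
        this.serverCert = serverCert;
        this.isKnownBot = isKnownBot;
    }

    public async Task RunAsync(int port)
    {
        var listener = new TcpListener(IPAddress.Any, port);
        listener.Start();
        while (true)
        {
            TcpClient client = await listener.AcceptTcpClientAsync();
            _ = Task.Run(() => HandleClientAsync(client)); // one handler per bot
        }
    }

    private async Task HandleClientAsync(TcpClient client)
    {
        using (client)
        using (var ssl = new SslStream(client.GetStream(), false, ValidateClientCert))
        {
            try
            {
                // Encrypt first, then authenticate: the client certificate is exchanged inside TLS.
                await ssl.AuthenticateAsServerAsync(serverCert, clientCertificateRequired: true,
                    enabledSslProtocols: SslProtocols.Tls12, checkCertificateRevocation: true);
            }
            catch (AuthenticationException)
            {
                return; // unknown or missing client certificate: connection dropped here
            }

            while (true)
            {
                byte[] frame = await ReadFrameAsync(ssl);
                if (frame == null) return; // peer closed, or sent a malformed frame
                ProcessTelemetry(frame);
            }
        }
    }

    private bool ValidateClientCert(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors)
    {
        if (errors != SslPolicyErrors.None || cert == null) return false;
        return isKnownBot(new X509Certificate2(cert));
    }

    // Constructed wire format: 2-byte big-endian payload length, then the payload.
    private static async Task<byte[]> ReadFrameAsync(Stream s)
    {
        byte[] header = new byte[2];
        if (!await ReadExactAsync(s, header)) return null;
        int length = (header[0] << 8) | header[1];
        if (length == 0 || length > MaxFrameBytes) return null; // reject malformed lengths
        byte[] payload = new byte[length];
        return await ReadExactAsync(s, payload) ? payload : null;
    }

    private static async Task<bool> ReadExactAsync(Stream s, byte[] buf)
    {
        int got = 0;
        while (got < buf.Length)
        {
            int n = await s.ReadAsync(buf, got, buf.Length - got);
            if (n <= 0) return false; // connection closed mid-frame
            got += n;
        }
        return true;
    }

    private static void ProcessTelemetry(byte[] frame)
    {
        // Constructed layout: first byte is battery percentage; out-of-range values are discarded.
        if (frame[0] > 100) return;
        Console.WriteLine($"battery={frame[0]}%");
    }
}
```

Dropping a peer that fails the certificate check happens before any application bytes are read, so a connection from something that is not one of the known bots never reaches the parser. The size cap does not address the flooding case the answer mentions; that still needs limits on concurrent connections or rate at the router or OS level.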

Get two devices to communicate over WiFi without going through IP (p2p over the WiFi layers only)

I need to get two machines to communicate via WiFi without using IP (I do not want to use IP sockets). The solution preferably should work with both WiFi modes (infrastructure such as regular WiFi and ad-hoc such as WiFi Direct). A C# sample code would be great please.
I have searched a lot and could not find any code similar to a socket program that sends and receives data between two machines (p2p) but using only WiFi without any IP.
Apple's Multi-Peer Connectivity framework supports setting up a Peer to Peer connection without the developer having to manage the IP connectivity directly, but it uses IP to deliver data and is limited to Apple devices.
It's possible to do this if you are willing to write the low-level C code to do it, but any solution which avoids IP will have to recreate significant portions of the protocol to be useful and would almost certainly require much more work than just using the IP features of the OS.
For very simple forms of communication between Wi-Fi stations you can use custom Action Frames and Information Elements, but those require very low-level access to the driver.

C# and ActiveSync communication / open and read files

I have a device connected to a host computer through a USB cradle. Now, I'm just wondering if I could use C# sockets to communicate with the device (i.e. device sending data, host computer processing it then replying back to the device). How can I accomplish this? By that I mean, what IP address etc. do I have to change so that it would connect, because I have the sockets working on wireless. If not, then is there a way to connect to the device, open and read a file (a text document to be more specific) from the device to my host application.. any ideas?
Thanks! :)
Depending on your target device, when you connect via ActiveSync it likely makes a local RNDIS network connection between the two devices. You can resolve "ppp_peer" as the partner's network name instead of trying to use a hard-coded IP address (IIRC the IP is different on XP than on Vista).
Be aware that it's not a full connection. TCP packets gets passed through, but things like ICMP do not.
Of course, this just gives you a socket connection, just like if you were to connect between two PCs. It's not going to allow you to do file system operations unless you have an app on the other side listening for commands. If you want that type of thing, Microsoft provides the Remote API (RAPI) interface (wrapped in managed code here) for a lot of basic commands, and it can be extended (with C) to do anything you'd like.

Blocking Connections By IP

I need to be able to block any and all connections to my PC from a specific IP address. I know this is possible with a firewall but I need to do this in C#. Any idea how (need code)?
Update:
It's a generic C# app, not ASP.NET; the target platform is WinXP through Win7.
Need more information... if you're talking socket communication, you can simply close the connection to a client as soon as it connects if the IP address is blocked, or process the Connection Request and evaluate there.
Edit: Simplest way for you would probably just be to interact with Windows Firewall API... here's how:
http://www.shafqatahmed.com/2008/01/controlling-win.html
Your question is unclear but I'll try to answer the best I can, within my understanding.
Do you want to control machines from connecting to any port on your machine? if so, you need to control the built-in windows firewall or find yourself a filter driver you can control. In order to write your own filter driver, you must leave the land of managed code, so I am guessing that's not an option.
To learn how to control the firewall, here's a link:
http://www.shafqatahmed.com/2008/01/controlling-win.html
More on Google.
Do you want to prevent remote machines from connecting to a port on your machine that your application owns? You cannot do that either (see #1 above). However you can take action after the connection, and close the connection if you don't like the remote IP (check the remote endpoint's IP).
Two caveats with this approach:
- It doesn't save you from a DoS attack.
- You will need to be careful if you need IPv6 support (you can't just check the IPv4 address in that case).
HTH
A "firewall" in C#?
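As an added example of the second approach in the answer above (close the connection after accept if the remote IP is blocked), not code from the question or any answer: a dual-mode TcpListener that inspects the remote endpoint and closes blocked peers. It also handles the answer's IPv6 caveat: on a dual-stack socket an IPv4 peer shows up as an IPv4-mapped IPv6 address (`::ffff:a.b.c.d`), so addresses are normalised before comparison. The `handle` delegate for accepted connections is an assumption of this example.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Net.Sockets;
using System.Threading.Tasks;

// Added example: per-connection IP blocklist enforced at accept time.
public class BlockingListener
{
    private readonly HashSet<IPAddress> blocked = new HashSet<IPAddress>();

    public void Block(string address) => blocked.Add(Normalize(IPAddress.Parse(address)));

    // IPv4 peers on a dual-stack socket arrive as ::ffff:a.b.c.d; compare them as IPv4.
    public static IPAddress Normalize(IPAddress ip) =>
        ip.IsIPv4MappedToIPv6 ? ip.MapToIPv4() : ip;

    public bool IsBlocked(IPAddress remote) => blocked.Contains(Normalize(remote));

    public async Task RunAsync(int port, Func<TcpClient, Task> handle)
    {
        var listener = new TcpListener(IPAddress.IPv6Any, port);
        listener.Server.DualMode = true; // one socket serves both IPv4 and IPv6 peers
        listener.Start();
        while (true)
        {
            TcpClient client = await listener.AcceptTcpClientAsync();
            var remote = ((IPEndPoint)client.Client.RemoteEndPoint).Address;
            if (IsBlocked(remote))
            {
                Console.WriteLine($"dropped connection from {remote}");
                client.Close(); // earliest point the app controls; the TCP handshake has already completed
                continue;
            }
            _ = handle(client);
        }
    }
}
```

Two limits follow directly from the answer's caveats: the peer has already completed the TCP handshake and consumed a socket by the time the check runs, so this does nothing against a flood of connections, and dual-mode sockets need Vista or later, so on the WinXP end of the stated target range the listener would have to bind IPv4 and IPv6 separately.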
First you would have to access the network interface on a low level, e.g.: http://msdn.microsoft.com/en-us/library/ms817945.aspx
Then you have to parse all incoming packets and maybe discard them.
It's not an easy task and I don't recommend you to write a driver and a firewall in C#, because the .NET Framework will be loaded every time you start your machine.
Also traffic parsing can be tricky... I implemented a router/traffic analyzer in C# some time ago and it took me about one year to gain the experience with network programming to gain the knowledge to do this.
