The reliability of both is equally impacted (or not impacted) by ARP spoofing, so yes, you should object, but your reasoning doesn't make sense. Both TCP and UDP are layered on top of IP, and have no visibility of the level at which ARP spoofing happens (Ethernet). If there's no contention from the other hosts, ARP spoofing is fully reliable for all IP-based protocols. You do it once, the gateway thinks that you're the victim and the victim thinks that you're the gateway, and you have a reliable MitM position over which you can send TCP, UDP, ICMP, or anything else IP-based. If there's contention from the other hosts and they try to re-assert the actual network topology, it doesn't matter what you're using on top of IP. Every so often, the mapping of IP to Ethernet (MAC) address will get changed, and you (the attacker) will be out of the loop. If a packet arrives / is sent during this time, it will bypass you. The one place this might matter is if you're implementing a transparent proxy, terminating the TCP connection from the client (pretending to be the server) and starting a new one to the server. In that case, the sequence numbers on each side of you will be different, and without you in the loop, the connection will break. However, there's no need to do this; you can just modify the TCP stream bidirectionally without actually terminating it. Of course, if you're doing something like SSL Stripping (where one side will be using TLS and the other won't), that will still break. That has nothing to do with using TCP or UDP, though. If you're "stripping" DTLS (which is UDP-based), then as soon as you're cut out you'd once again have the two sides of the conversation speaking different protocols at each other and things would break.

I think you are confusing creating and using a botnet in general vs. using it for specific attacks. Spoofing the source IP address to the one of the victim is a common attack pattern in DDoS amplification attacks, where a small request will result in a bigger response - which because of the spoofed source IP address is then directed to the victim. This way the power of the botnet can be amplified, i.e. attacks can be much larger compared to to direct DDoS to the target from the botnets compromised computers. For more see https://www.cloudflare.com/learning/ddos/dns-amplification-ddos-attack/ or https://www.cloudflare.com/learning/ddos/ntp-amplification-ddos-attack/ .

If you do not operate your network, it is clear or not clearly socket API that is used to communicate through the UDP Protocol network, but is implemented at the system level in the vast majority of cases.Telnet protocol is inappropriate at all. It is above UDP and is also upstream of the TCP/IP protocol.Your task is two questions: how to use socket API properly to send/read UDP protocol data:import socket sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) sock.sendto(b"data", (UDP_IP, UDP_PORT)) Look, there's no SOCK_STREAM here, and there's no obvious. bind()♪What exactly is your game server waiting for is depending on the server.

On the other day, I looked into the question of connections in two NAT-a and I think I wrote https://github.com/sercxjo/nathole-example ♪ I'll get a part of my program that's on STUN server.#include <netdb.h> #include <stdio.h> #include <stdlib.h> #include <stdarg.h> #include <unistd.h> #include <fcntl.h> #include <poll.h> #include <string.h> #define debug(...) fprintf(stderr, __VA_ARGS__) struct peer_addr { uint32_t in_addr; uint16_t port; } mypeer[1]; static inline void die(const char *format, ...) attribute((format(printf, 1, 2), noreturn)); static inline void die(const char *format, ...) { va_list va; va_start(va, format); vfprintf(stderr, format, va); va_end(va); exit(1); } static inline void fatal(const char *name) attribute((noreturn)); static inline void fatal(const char *name) { perror(name); exit(1); } int connect_to_host(const char *node, const char *port, int sock_type) { int res; struct addrinfo ar_request= { 0, AF_INET, sock_type }, *ar_result= 0; if( (res= getaddrinfo(node, port, &ar_request, &ar_result)) != 0 ) die("Resolving %s: %s\n", node, gai_strerror(res)); int sockfd= socket(ar_result->ai_addr->sa_family, ar_result->ai_socktype, ar_result->ai_protocol); if( sockfd<0 ) fatal("Create socket"); if( connect(sockfd, ar_result->ai_addr, ar_result->ai_addrlen)<0 ) fatal("Connect socket"); freeaddrinfo(ar_result); return sockfd; } struct stun_header { uint16_t msg_type; uint16_t data_len; uint32_t magick; uint32_t id[3]; unsigned char data[]; }; void stun_req(int sockfd, struct peer_addr peer) { struct stun_header buf= { htons(1), 0, htonl(0x2112A442) }; // 1 - binding request int rndfd=open("/dev/urandom", 0); read(rndfd, (char)buf.id, sizeof buf.id); close(rndfd); for( int attemp=0; attemp<5; attemp++ ) { if( write(sockfd, &buf, sizeof buf) != sizeof buf ) fatal("Send STUN request"); struct { struct stun_header hdr; unsigned char data[256]; } rbuf; struct pollfd rfd= {sockfd, POLLIN}; int ret=poll(&rfd, 1, 500); if( ret<0 ) fatal("STUN responce waiting"); if( ret==0 ) continue; if( rfd.revents&(POLLERR|POLLNVAL|POLLHUP) ) die("Error during STUN responce wait\n"); ret= read(sockfd, &rbuf, sizeof rbuf); if(ret<0) fatal("Read STUN response"); if( rbuf.hdr.magick!=buf.magick || memcmp(buf.id, rbuf.hdr.id, sizeof buf.id) ) continue; for( int i=0; i<ret-20 && i<rbuf.hdr.data_len && rbuf.data[i+2]==0; i+= ((rbuf.data[i+2]*256+rbuf.data[i+3]+7)&~3) ) { debug("%x %d\n", rbuf.data[i]*256+rbuf.data[i+1], rbuf.data[i+2]*256+rbuf.data[i+3]); if(rbuf.data[i+2] || rbuf.data[i+3]==0 || ((i+rbuf.data[i+3]+7)&~3)>ret-20) continue; void debugIP(const char *name) { debug( "%1$s IPv%2$d %4$d.%5$d.%6$d.%7$d:%3$d\n", name, rbuf.data[i+5]*2+2, rbuf.data[i+6]256+rbuf.data[i+7], rbuf.data[i+8], rbuf.data[i+9], rbuf.data[i+10], rbuf.data[i+11] ); } switch( rbuf.data[i]256+rbuf.data[i+1] ) { case 0x8020: for(int j=0; j<2; j++) rbuf.data[i+6+j]^= ((char)&rbuf.hdr.magick)[j]; for(int j=0; j<rbuf.data[i+3]-4; j++) rbuf.data[i+8+j]^= ((char)&rbuf.hdr.magick)[j]; debug("XOR-"); case 1: debugIP("MAPPED-ADDRESS"); if(rbuf.data[i+5]==1) { // IPv4 only peer->port= (uint16_t)(rbuf.data+i+6); peer->in_addr= (uint32_t)(rbuf.data+i+8); } break; case 4: debugIP("SOURCE-ADDRESS"); break; case 5: debugIP("CHANGED-ADDRESS"); break; } } return; } die("STUN timeout\n"); } int main(int argn, char **argv) { if( argn!=2 ) die("usage: stun_cli <stun_server>\n"); int sockfd= connect_to_host(argv[1], "3478", SOCK_DGRAM); stun_req(sockfd, mypeer); } The list of free STUN servers is available https://ru.wikipedia.org/wiki/STUN#.D0.9F.D1.83.D0.B1.D0.BB.D0.B8.D1.87.D0.BD.D1.8B.D0.B5_STUN-.D1.81.D0.B5.D1.80.D0.B2.D0.B5.D1.80.D1.8B ♪

Strictly, you don't want to write a test for that code. Because youth tests by definition should not depend on the outside environment (in this case the network). How do you do that?First, a communication code from UDP to a separate class that will use a higher level code. This class shall contain as much logic as possible and only UDP dispatch. For example, the logic of obtaining the bite and IPAddress must be removed from it. This will allow the maximum number of codes to be tested by young people without the network. Example:public class UDPSender { public void Send(byte[] data, IPAddress address, int port) { UdpClient udpclient = new UdpClient(); udpclient.JoinMulticastGroup(address); IPEndPoint remoteep = new IPEndPoint(address, port); udpclient.Send(data, data.Length, remoteep); udpclient.Close(); } } ... byte[] number = Encoding.ASCII.GetBytes(numb.ToString()); IPAddress multicastaddress = IPAddress.Parse(_instance.configuration.ip); var sender = new UDPSender(); sender.Send(number, multicasaddress, _instance.configuration.port); Secondly, since our new class contains a minimum number of trivial codes, you may not be able to test it, but you can use a pair of manual checks. If you want to write tests, you're gonna need to write full integration tests with a network and a test client.

Here:sock_mu.bind(ep_m); sock_mu.bind(ep_s1); Twice in a row, the bin of the same straw.receive_from Second argument accepted endpointto be placed at the address/port of the consignor of the detagram received. That is, their installation: ip::udp::endpoint ep1(ip::address::from_string("192.162.2.101"), port); Doesn't make sense.Also receive_from blocks performance until it gets the detagram. Maybe you need asynchronous functions instead of her (depending on your application logic).If the idea was to create two sockets, squeeze them by one port, and in each case, to get the detagrams from a certain client, it would be necessary:cause the method of skate http://www.boost.org/doc/libs/1_61_0/doc/html/boost_asio/reference/basic_datagram_socket/connect/overload1.html transmitted as a parameter the final point of the remote deviceCall the method. http://www.boost.org/doc/libs/1_61_0/doc/html/boost_asio/reference/basic_datagram_socket/receive/overload1.html Soketa (not receive_from) to get information.In your situation, it might be better to use one socket to take the detagrams with help. receive_from From all the customers and the result is to determine who sent the detagram.

A primitive method for simple cases - describe the data structure:struct Data { int a; float b; char c[32]; } data; Put it in the juket on the front side.send(socket, &data, sizeof(data), 0) and at the host to read the same structurerecv(socket, &data, sizeof(data), 0)) Very important. To ensure that the statues on both sides (transfer and receiver) are identical in memory (single sizes, the same order of the baytes in the system, the same levelling of the structure fields, the same representation of the chips with a floating point). Otherwise, it's not what they sent. In practice, if the host side is also written in another language, we will get an extra smell and a spark to make mistakes.The next option is to manually fill the data buffer:int foo = 42; long bar = 0; std::string str; str.append((char*)&foo, sizeof(int)); str.append((char*)&bar, sizeof(long)); There is no longer a problem with the levelling of the structure fields as in the first option, since the data we're clicking on ourselves, without intervals. But the rest of the problems are still with us (there's still the order of the bikes, the size of the types, the presentation of the floating point chips should be identical on the transmitter and receiver).Hand, side-by-side flow.uint32_t foo = 42; std::vector<uint8_t> buffer; buffer.push_back(static_cast<uint8_t>(foo >> 0)); buffer.push_back(static_cast<uint8_t>(foo >> 8)); buffer.push_back(static_cast<uint8_t>(foo >> 16)); buffer.push_back(static_cast<uint8_t>(foo >> 24)); We're just taking every piece of data here and hand-delivering to the weekend flow, independently of the system. It's gonna have to be handwritten. The most universal method is that all aspects of the generated flow are controlled by themselves. For convenience, a classifier/decider for the required types (including user) may be added.Over time (and may be immediately) the difficulties associated with changing the data transferred are added (e.g. additional data were needed, or some old ones have become inaccurate). Especially if the receiver has to accept data in the old and new format. I'll have to add some version identifiers. Cases where optical data (which may not be available) or dynamic data (masses) should be further processed.In order not to deal with all these tasks on their own, it is possible to take a ready solution, for example. https://github.com/google/protobuf from google. Supports different languages, has a version system, supports integrated data. Or a slightly more simple solution (but faster) from google, too. https://google.github.io/flatbuffers/ ♪If the volume of information transmitted is not critical, it may be convenient to generate data as json (e.g. by https://github.com/nlohmann/json ) If on the host of JavaScript, he'll be very grateful to you. Also, as a programmer from a typical language, I recommend the use of http://json-schema.org to test json.As an alternative json can be taken http://msgpack.org/index.html which is "like json," but more compact. If you need more compact, you can squeeze the zlib line.All options should also take into account what to transfer indicators It's pointless, because on the host side they'll indicate where they don't know. Also understand the subtleness of network data transmission. For example, data sent to UDP may not reach the recipient, data sent to TCP may be fragmented or glued with accessories, etc. You might want to think about ready web libraries, for example. https://github.com/OculusVR/RakNet which includes almost everything to build a multiplier game.

(1) External clients are mostly https://ru.stackoverflow.com/questions/167582/%D0%9F%D1%80%D0%B8%D1%91%D0%BC-udp-%D0%BF%D0%B0%D0%BA%D0%B5%D1%82%D0%BE%D0%B2-%D0%B7%D0%B0-nat%D0%BE%D0%BC Get to the server via NAT. This is not much different from the same TCP.(2) Client access checks are very simple - answerable - available.(3) Consider that the UDP does not guarantee that the packages delivered will reach, and will do the right thing. There's a suspicion that you invent TCP.

UDP-packets have the right to lose, everything's fine. It's an expected behavior. If you need a secure delivery, use TCP.Or you can serve as an acknowledgement, and if you don't confirm it, repeat it. But such a bike will basically repeat what TCP does inside.

I've set a minimum client's ransom, and I've seen it. https://habrahabr.ru/post/149077/ :import socket from time import sleep UDP_PORT = 5005 sock = socket.socket(socket.AF_INET,socket.SOCK_DGRAM) sock.connect(('localhost', UDP_PORT)) while True: sock.send(b'Hello, World!') sleep(1) Accordingly, the server will look like:import socket UDP_PORT = 5005 sock = socket.socket(socket.AF_INET,socket.SOCK_DGRAM) sock.bind(('', UDP_PORT)) while True: data = sock.recv(1024) if not data: break print(data) sock.close() Updated to be UDP, now it doesn't matter client and server.

but there was an urgent need to interview multiple servers on the udp and tcp protocols.You'll need to set up a separate process for each server to question it. It is most convenient to create a process with the help of gen_server and to connect it as a child to a supervisor.This erlang-specialist here is exhausted, the rest will be just like any other language.

Updating: subpoenaed the code to make him more relevant to your case.const int listenPort = 11000; using (UdpClient listener = new UdpClient(listenPort)) { while (true) { var result = await listener.ReceiveAsync(); Console.WriteLine( $"Received from {result.RemoteEndPoint} {result.Buffer.Length} bytes"); // если ваша обработка длительная, то стартуйте Task, обрабатывающий данные, здесь Task processTask = Process(result); } } async Task Process(UdpReceiveResult result) { var endpoint = result.RemoteEndPoint; byte[] message = result.Buffer; using (var sender = new UdpClient()) { sender.Connect(endpoint.Address, destinationPort); var backMessage = Encoding.UTF8.GetBytes("Давай по новой"); await sender.SendAsync(backMessage, backMessage.Length); } }

In principle, 10 programmes can be launched with different ports by 20 clientsWhy? You can use a lot of velocity. Set up 1 trainee flow, which, when the client is connected, will launch another special flow to work with him. When this flow is disconnected, it is destroyed.It also makes sense to develop a data-transfer format so that data can only be transmitted between the customers.Prepared solutions for ESB can be used. Some were discussed https://stackoverflow.com/questions/41353/net-esbs-out-there ♪At the very least, it is possible to try to implement its format. But I deeply doubt that it will be necessary.

No, it's impossible. No notice of closure is provided.

First of all, I want to thank you for asking, he's really good.Second, I'll answer.This problem arises as the Allow remote requests regime is included. ♪If you turn off, Mikrotik stops working like DNS server. The situation is, you have a Mikrotik wrongly. Rooter on the Internet shouldn't be silent. But it's no longer the Mikrotik itself. I mean, let's see:If we don't need DNS, we'll turn off that necklace.If the firewall is shut down, we'll allow all the services we need and it's okay.If the default firewall is open to everything, the DNS service is to be closed outside.

I did. Here's the code: #include <arpa/inet.h> #include <netinet/in.h> #include <stdio.h> #include <sys/types.h> #include <sys/socket.h> #include <unistd.h> #include <stdlib.h> #include <string.h> #include <sys/time.h> #include "slist.c" #define MAXLEN 4096 char* toUpper(char*); int main(int argc, char **argv){ slist_t list = (slist_t)malloc(sizeof(slist_t)); slist_init(list); fd_set read_fds, write_fds; // temp file descriptor list for select() int sockfd; // socket descriptor struct sockaddr_in srv, cli_addr; // used by bind() socklen_t clilen = sizeof(cli_addr); int nbytes, portno; struct timeval timeout; timeout.tv_sec = 0; timeout.tv_usec = 0; //check command line arguments if (argc != 2) { fprintf(stderr, "Usage: ./server %s <port>\n", argv[1]); exit(1); } portno = atoi(argv[1]); if ((sockfd = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0){ perror("ERROR opening socket"); exit(1); } else printf("Server : Socket() successful\n"); //bzero(&srv, sizeof(srv)); /* bind: use the Internet address family */ /* create the socket / srv.sin_family = AF_INET; / bind: socket ‘sockfd’ to port portno*/ srv.sin_port = htons(portno); /* bind: a client may connect to any of my addresses */ srv.sin_addr.s_addr = htonl(INADDR_ANY); if(bind(sockfd, (struct sockaddr*) &srv, sizeof(srv)) < 0){ perror("ERROR on binding"); close(sockfd); exit(1); } else printf("Server : bind() successful\n"); //Now the UDP server is ready to accept packets… while(1){ fflush(stdout); char* buf = (char*)malloc(MAXLEN); // message buf char* copybuf = (char*)malloc(MAXLEN); memset(buf, 0, strlen(buf)); bzero(buf, MAXLEN); FD_ZERO(&read_fds); FD_SET(sockfd, &read_fds); int n = select(sockfd+1, &read_fds, &write_fds, 0, 0); if(n < 0) { perror("ERROR Server : select()\n"); close(sockfd); exit(1); } if(FD_ISSET(sockfd, &read_fds)) { printf("Server is ready to read\n"); nbytes = recvfrom(sockfd, buf, MAXLEN, 0, (struct sockaddr*)&cli_addr, &clilen); if (nbytes < 0){ perror("ERROR in recvfrom()"); close(sockfd); exit(1); } // printf("Received packet from %s : %d\n", inet_ntoa(cli_addr.sin_addr), ntohs(cli_addr.sin_port)); // printf("Data: %s", buf); FD_CLR(sockfd, &read_fds); } if(strlen(buf) != 0){ slist_append(list, buf); //printlist(list); //you may see the list memcpy(copybuf, buf, strlen(buf)); if(list == NULL){ perror("List is empty. Server is not ready to write."); close(sockfd); exit(1); } else{ FD_ZERO(&write_fds); FD_SET(sockfd, &write_fds); if(FD_ISSET(sockfd, &write_fds)){ toUpper(copybuf); nbytes = sendto(sockfd, copybuf, MAXLEN, 0, (struct sockaddr*) &cli_addr, sizeof(cli_addr)); if(nbytes < 0) { perror("ERROR in sendto"); close(sockfd); exit(1); } printf("Server is ready to write\n"); //printf("Send to client: %s", copybuf); //printf("==========================\n"); printf("\n"); memset(&copybuf, 0, sizeof(copybuf)); FD_CLR(sockfd, &write_fds); } } } memset(&buf, 0, sizeof(buf)); } close(sockfd); return 0; }

sendto Acceptance const char*What's inside is he doesn't care if the dimensions match, so:sendto(s, (const char*)buf, sizeof(buf), 0, (struct sockaddr *)&sockAddr, sizeof(sockAddr));

It's best to send data through the binary show. var key = Gamal.Encode("Привет",p,g,x,k); // Текст для подписи MemoryStream str = new MemoryStream(); MemoryStream stream = ElgamalLib.Gamal.SerializeToStream(key); buffer = stream.ToArray(); str.Close(); try { s.BeginSend(buffer, 0, buffer.Length, SocketFlags.None, new AsyncCallback(DoSend), s); } public static MemoryStream SerializeToStream(object o) { MemoryStream stream = new MemoryStream(); IFormatter formatter = new BinaryFormatter(); formatter.Serialize(stream, o); return stream; } public static object DeserializeFromStream(MemoryStream stream) { IFormatter formatter = new BinaryFormatter(); stream.Seek(0, SeekOrigin.Begin); object o = formatter.Deserialize(stream); return o; }

I wouldn't make a flow in a form designer or on FormCreate. Try the button. Though I may not be right. But I've always started the flow from a form that has already been created.

Thanks for the answers, it helped us use. c_str()♪ I'm sorry I didn't sign off earlier, but the problem came up the next day, and I forgot about it. Here's a piece of work code: Char buf[1019]; String str = Form1->Edit1->Text; for(int i=0; i<str.Length(); i++) buf[i] = str.c_str()[i];