#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2004
    Location
    NYC
    Posts
    2
    Rep Power
    0

    Socket Security Issues


    I'm pretty new to Python but I've written a little script that uses a socket object to connect to another computer and send a few strings. This works in conjunction with a MEL script I wrote. This requires Maya to open a commandPort to interface with the Python script.

    The question I have is: are there any security issues to beware of when using sockets and opening ports. What is the scope of this socket? Does it work over the Internet or just a LAN? (it's difficult to test when you only have access to two computers) Any general programming tips would be appreciated as well.

    the Python code follows if it makes any difference.

    Thanks for any advice.
    -James
    www.arcsecond.net


    Code:
    import socket
    import os
    
    def MCT_sender(text, host, port):
    	remoteHostIP = socket.gethostbyname(host)
    	localHost = socket.gethostname()
    
    	maya = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    	maya.connect((remoteHostIP, port))
    
    	isMCTopen = "if (!`window -exists MCTWin`) \n\t MCT(\"" + localHost + "\"\n);"
    	maya.send(isMCTopen)
    
    	maya.send("$newLine = \"" + localHost + ": " + text + "\\n\";")
    	maya.send("scrollField -e -ip 0 -it $newLine historyGrp;\n")
    
    	maya.close()
    
    if __name__ == '__main__':
    	import sys
    	text = os.path.split(sys.argv[1])[1]
    	host = os.path.split(sys.argv[2])[1]
    	port = int(os.path.split(sys.argv[3])[1])
    	MCT_sender(text,host,port)
  2. #2
  3. Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2004
    Location
    brisbane - australia
    Posts
    10
    Rep Power
    0
    hey james, good to see another maya dude in here! i'm learning python at the mo too.

    in regards to security, i'm not expert, but opening a port in maya is a big security hole. i believe if your machine is connected to the net, then it will be remotely accessible too (i'd be happy to help u test that if u want). considering u pretty much have access to a command line through maya, its a bit scary.

    having said that, anyone wanting to take advantage of that would have to have a working knowledge of mel to exploit the open port tho. and i can't imagine many "crackers" out there would know maya all that well.
  4. #3
  5. Mini me.
    Devshed Novice (500 - 999 posts)

    Join Date
    Nov 2003
    Location
    Cambridge, UK
    Posts
    783
    Rep Power
    13
    From the description it sounds like your PCs operate on a LAN.

    If your PC with the open socket operates on a private LAN and is not the gateway to the INTERNET then it is unlikely anyone from the INTERNET will be able to access it. All PCs on the LAN have private addresses and it is only the public address of the gateway that is known/visible on the INTERNET.

    It is not a problem for PCs on a LAN to access the INTERNET because they are the ones making the request and the gateway knows what to do. In this case the gateway handles the translation between private and public addresses.

    Requests for connections from the INTERNET to your private LAN will not happen unless your gateway/firewall knows where to send the requests when they happen.

    If the firewall is properly configured the only way to make your machine visible to the public would be for the firewall to open up the specific port and steer any requests on that port directly to the local LAN IP address of your PC.

    If you need (secure) access to a private network from the INTERNET then VPN/SSH type technology is what you need which adds a layer of encryption and authentication into the mix.

    grim

IMN logo majestic logo threadwatch logo seochat tools logo