Hey all,
this is kind of a security question, I hope I don't cross any lines (if a mod thinks that I am... just delete this)

What I want to know is if it's possible to silently refuse a connection. Ex., remote computer tries to connect but can't provide appropriate login data. So I want to refuse the connection is such a way that the client end doesn't know that there's even somebody on the other end.

For instance, if the client calls connect and gets WSAECONNREFUSED then they know somebody is there. But I'd like the connection to simply time out so they get WSAETIMEDOUT.

Anybody have any ideas? Basically I'm trying to avoid somebody finding my app running on a machine by scanning ports or similar.

Posted on 2002-10-18 18:31:41 by chorus
I wanted to do something similar to this, except that I was checking the IP addy.

Sorry that I can't help you out, I was just expressing a want to learn also.
Posted on 2002-10-18 22:21:35 by gorshing
Were you able to get the IP without calling accept? This is really what I have to do, but I see nothing in the winsock API that will let me do it...


Posted on 2002-10-18 22:32:40 by chorus
No I wasn't able to find out how to do that.

But my curiousity is getting the best of me again ... I am going to try and find out ... if nobody posts here I will.
Posted on 2002-10-19 08:59:12 by gorshing
You're always gonna have SYN/ACK unless you only allow certain addresses to connect and just drop the "bad" connection through raw sockets... That's pretty much the only way I know you could do somethhing like that... But I'm probably mistaken
Posted on 2002-10-21 03:20:02 by NervGaz