1 Reply Latest reply on Oct 4, 2012 8:55 AM by nimigeanu

    How do you prevent hackers from spoofing a user?

    GoodNewsJim Level 1

      Hello,

       

      I want to write a free P2P gaming network similar to Battle.net.

       

      One thing I've run across is that one person can snoop someone else's user string, and then post as that user.

       

      When two people have the same user id, they can dopplegang the other person, messing their game up.

       

      How do I prevent this?

       

      ,James

       

       

      private function sendMessage():void{

      var message:Object = new Object();

      message.sender = netGroup.convertPeerIDToGroupAddress(nc.nearID);

      message.user = txtUser.text;

      message.text = txtMessage.text;

      netGroup.post(message);

      receiveMessage(message);

      txtMessage.text = "";

      }

       

      private function receiveMessage(message:Object):void{

      write(message.user+": "+message.text);

      }

       

      As you can see in my code, the only thing you get/give is message.user as far as ID, and anyone can spoof this that can decompile the software.