Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / NetFx40 / System.ServiceModel.Discovery / System / ServiceModel / Discovery / UdpDiscoveryMessageFilter.cs / 1305376 / UdpDiscoveryMessageFilter.cs
//---------------------------------------------------------------- // Copyright (c) Microsoft Corporation. All rights reserved. //--------------------------------------------------------------- namespace System.ServiceModel.Discovery { using System.ServiceModel.Channels; using System.ServiceModel.Dispatcher; // This class provides a mitigration to the DDOS threat when using Discovery APIs with // UDP multicast transport. // // The Probe and Resolve request are sent multicast and are not secure. An attacker can launch // a third party distributed DOS attack by setting the address of the third party in the ReplyTo // header of the Probe and Resolve requests. To mitigate this threat this behavior drops the // message that have ReplyTo set to a value that is not annonymous by setting appropriate // message filter. // class UdpDiscoveryMessageFilter : MessageFilter { MessageFilter innerFilter; public UdpDiscoveryMessageFilter(MessageFilter innerFilter) { if (innerFilter == null) { throw FxTrace.Exception.ArgumentNull("innerFilter"); } this.innerFilter = innerFilter; } public MessageFilter InnerFilter { get { return this.innerFilter; } } public override bool Match(Message message) { if (message == null) { throw FxTrace.Exception.ArgumentNull("message"); } if (InnerFilter.Match(message)) { bool isMatch = ((message.Headers.ReplyTo == null) || (message.Headers.ReplyTo.IsAnonymous)); if (!isMatch && TD.DiscoveryMessageWithInvalidReplyToIsEnabled()) { TD.DiscoveryMessageWithInvalidReplyTo(message.Headers.MessageId.ToString()); } return isMatch; } return false; } public override bool Match(MessageBuffer buffer) { if (buffer == null) { throw FxTrace.Exception.ArgumentNull("buffer"); } return this.Match(buffer.CreateMessage()); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ToggleButtonAutomationPeer.cs
- XmlILStorageConverter.cs
- TextServicesLoader.cs
- ClientRuntime.cs
- XmlTypeMapping.cs
- RequestedSignatureDialog.cs
- XmlSchemaObject.cs
- _TimerThread.cs
- PageBuildProvider.cs
- DesignerPainter.cs
- ButtonPopupAdapter.cs
- CodeCatchClauseCollection.cs
- DesignerSerializationOptionsAttribute.cs
- HtmlInputCheckBox.cs
- SpellerStatusTable.cs
- ColorConverter.cs
- TraceListeners.cs
- BitmapVisualManager.cs
- IndexedGlyphRun.cs
- RuleInfoComparer.cs
- ParameterEditorUserControl.cs
- DataGridItem.cs
- TranslateTransform.cs
- ControlValuePropertyAttribute.cs
- MouseBinding.cs
- XmlTextReaderImplHelpers.cs
- ClassData.cs
- OperationAbortedException.cs
- InputQueueChannelAcceptor.cs
- RuleInfoComparer.cs
- EntryWrittenEventArgs.cs
- AsyncCompletedEventArgs.cs
- FilterElement.cs
- WindowsAltTab.cs
- QilVisitor.cs
- TextEditorCopyPaste.cs
- CollectionBase.cs
- DataSetUtil.cs
- DodSequenceMerge.cs
- InputScopeConverter.cs
- InternalMappingException.cs
- SerialErrors.cs
- SystemInformation.cs
- FontDialog.cs
- CodeParameterDeclarationExpression.cs
- ToolStripItemImageRenderEventArgs.cs
- ProcessModelSection.cs
- StrongNameMembershipCondition.cs
- RegistrySecurity.cs
- DBDataPermission.cs
- TemplateColumn.cs
- ItemCheckedEvent.cs
- cookie.cs
- XmlnsPrefixAttribute.cs
- BitmapEffectDrawingContextState.cs
- PointIndependentAnimationStorage.cs
- CollectionBase.cs
- CompensationParticipant.cs
- XmlWrappingReader.cs
- TypeReference.cs
- ResourceAssociationType.cs
- ReadOnlyPropertyMetadata.cs
- ConfigurationProperty.cs
- PersonalizationDictionary.cs
- RichTextBoxAutomationPeer.cs
- ZipIOExtraField.cs
- BuildProvidersCompiler.cs
- SamlEvidence.cs
- XmlEntityReference.cs
- WorkItem.cs
- ForEachAction.cs
- DataGridViewRowContextMenuStripNeededEventArgs.cs
- TypeResolvingOptionsAttribute.cs
- SerializationEventsCache.cs
- ComponentFactoryHelpers.cs
- BindingBase.cs
- XmlAutoDetectWriter.cs
- ManipulationDevice.cs
- FormsAuthenticationConfiguration.cs
- SymmetricAlgorithm.cs
- MessageSecurityOverMsmq.cs
- InteropAutomationProvider.cs
- RecordConverter.cs
- ComponentEditorForm.cs
- EventLogPermissionAttribute.cs
- ListBoxItemAutomationPeer.cs
- SqlConnectionStringBuilder.cs
- CacheChildrenQuery.cs
- NavigationFailedEventArgs.cs
- _HTTPDateParse.cs
- PageParserFilter.cs
- TouchesOverProperty.cs
- AlphabeticalEnumConverter.cs
- AttributeData.cs
- HtmlInputText.cs
- FacetEnabledSchemaElement.cs
- PeerApplicationLaunchInfo.cs
- Method.cs
- CustomValidator.cs
- RenderContext.cs