Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / NetFx40 / System.ServiceModel.Discovery / System / ServiceModel / Discovery / UdpDiscoveryMessageFilter.cs / 1305376 / UdpDiscoveryMessageFilter.cs
//---------------------------------------------------------------- // Copyright (c) Microsoft Corporation. All rights reserved. //--------------------------------------------------------------- namespace System.ServiceModel.Discovery { using System.ServiceModel.Channels; using System.ServiceModel.Dispatcher; // This class provides a mitigration to the DDOS threat when using Discovery APIs with // UDP multicast transport. // // The Probe and Resolve request are sent multicast and are not secure. An attacker can launch // a third party distributed DOS attack by setting the address of the third party in the ReplyTo // header of the Probe and Resolve requests. To mitigate this threat this behavior drops the // message that have ReplyTo set to a value that is not annonymous by setting appropriate // message filter. // class UdpDiscoveryMessageFilter : MessageFilter { MessageFilter innerFilter; public UdpDiscoveryMessageFilter(MessageFilter innerFilter) { if (innerFilter == null) { throw FxTrace.Exception.ArgumentNull("innerFilter"); } this.innerFilter = innerFilter; } public MessageFilter InnerFilter { get { return this.innerFilter; } } public override bool Match(Message message) { if (message == null) { throw FxTrace.Exception.ArgumentNull("message"); } if (InnerFilter.Match(message)) { bool isMatch = ((message.Headers.ReplyTo == null) || (message.Headers.ReplyTo.IsAnonymous)); if (!isMatch && TD.DiscoveryMessageWithInvalidReplyToIsEnabled()) { TD.DiscoveryMessageWithInvalidReplyTo(message.Headers.MessageId.ToString()); } return isMatch; } return false; } public override bool Match(MessageBuffer buffer) { if (buffer == null) { throw FxTrace.Exception.ArgumentNull("buffer"); } return this.Match(buffer.CreateMessage()); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- APCustomTypeDescriptor.cs
- ColumnTypeConverter.cs
- MenuBase.cs
- UserUseLicenseDictionaryLoader.cs
- XmlCDATASection.cs
- MsmqIntegrationBindingCollectionElement.cs
- GPPOINT.cs
- SQLSingleStorage.cs
- TextDecorations.cs
- PersonalizablePropertyEntry.cs
- ObjectView.cs
- XmlEventCache.cs
- DateTimeValueSerializer.cs
- XmlSchemaObjectCollection.cs
- CodeExpressionStatement.cs
- DataTableMapping.cs
- FlowDocumentPaginator.cs
- __ComObject.cs
- PageBuildProvider.cs
- BufferedStream.cs
- ProfilePropertySettings.cs
- DoubleMinMaxAggregationOperator.cs
- WorkflowViewElement.cs
- SafePEFileHandle.cs
- Debug.cs
- SoapSchemaExporter.cs
- BreakRecordTable.cs
- ContentElementCollection.cs
- Variable.cs
- UnsafeNetInfoNativeMethods.cs
- SafeTokenHandle.cs
- COM2IDispatchConverter.cs
- NamespaceCollection.cs
- HostDesigntimeLicenseContext.cs
- AssemblyCollection.cs
- IdleTimeoutMonitor.cs
- SecurityIdentifierElementCollection.cs
- MarginCollapsingState.cs
- GatewayDefinition.cs
- DirectoryObjectSecurity.cs
- XmlSerializerAssemblyAttribute.cs
- CodeExpressionCollection.cs
- PropertyBuilder.cs
- LogicalTreeHelper.cs
- ExpressionBuilder.cs
- DbProviderConfigurationHandler.cs
- IndexerReference.cs
- ContextStaticAttribute.cs
- CompositeFontFamily.cs
- StylusPointPropertyInfo.cs
- RelationshipConverter.cs
- ControlCodeDomSerializer.cs
- DataColumnMappingCollection.cs
- InteropAutomationProvider.cs
- FormatSettings.cs
- CounterSetInstanceCounterDataSet.cs
- CodeExpressionRuleDeclaration.cs
- SQLInt64Storage.cs
- Frame.cs
- InputGestureCollection.cs
- CanExecuteRoutedEventArgs.cs
- NativeActivityMetadata.cs
- PersonalizationEntry.cs
- ComponentRenameEvent.cs
- FileStream.cs
- RichTextBoxContextMenu.cs
- SqlProfileProvider.cs
- CorrelationToken.cs
- PlaceHolder.cs
- FormViewUpdatedEventArgs.cs
- SignerInfo.cs
- RequestQueryProcessor.cs
- OutOfProcStateClientManager.cs
- DetailsViewDeleteEventArgs.cs
- UnsafeNativeMethods.cs
- StateItem.cs
- ExpressionLink.cs
- StoreAnnotationsMap.cs
- MailAddressCollection.cs
- WindowHideOrCloseTracker.cs
- VisualStyleRenderer.cs
- BaseAsyncResult.cs
- bidPrivateBase.cs
- translator.cs
- GetCardDetailsRequest.cs
- ToolStripHighContrastRenderer.cs
- PeerHelpers.cs
- ExpressionDumper.cs
- GPPOINT.cs
- BitmapEffectOutputConnector.cs
- PasswordRecoveryAutoFormat.cs
- DivideByZeroException.cs
- ColorTransformHelper.cs
- DrawingContextDrawingContextWalker.cs
- ZipIOEndOfCentralDirectoryBlock.cs
- StringConverter.cs
- Memoizer.cs
- NamespaceQuery.cs
- sqlstateclientmanager.cs
- MouseGestureValueSerializer.cs