[jdev] Jabber Spoofing on unique server
micky501 at free.fr
micky501 at free.fr
Fri Apr 1 01:51:29 CST 2005
> Dialback prevents hostname spoofing. Servers are also required to
> enforce the from address to make sure that it matches the username
> with which the client authenticated.
>
> > Does someone know how to spoof a JID ?
>
> Um, we deliberately made that hard to do.
Great !! Another reason for users to prefer Jabber to MSN !!
But I'm working on a subject where I have to proove that we need tokens to
authenticate the users who want to chat with our IM client (based on Jabber).
For this reason, I'm looking for a way to spoof a client ID. Even if it's hard
to do, I would like to know where I can find the description (or the source
code) of the mechanism employed by a Jabber server.
Thanks
Michaël
More information about the JDev
mailing list