[jdev] Jabber Spoofing on unique server
Alexey Nezhdanov
snake at penza-gsm.ru
Fri Apr 1 04:44:50 CST 2005
В сообщении от Пятница 01 Апрель 2005 11:51 micky501 at free.fr написал(a):
> > Dialback prevents hostname spoofing. Servers are also required to
> > enforce the from address to make sure that it matches the username
> > with which the client authenticated.
> >
> > > Does someone know how to spoof a JID ?
> >
> > Um, we deliberately made that hard to do.
>
> Great !! Another reason for users to prefer Jabber to MSN !!
>
> But I'm working on a subject where I have to proove that we need tokens to
> authenticate the users who want to chat with our IM client (based on
> Jabber). For this reason, I'm looking for a way to spoof a client ID. Even
> if it's hard to do, I would like to know where I can find the description
> (or the source code) of the mechanism employed by a Jabber server.
You will be able to do that within your and only in your server. You will need
to modify server code probably, so read the docs that come along with server
and read source code.
>
> Thanks
> Michaël
--
Respectfully
Alexey Nezhdanov
More information about the JDev
mailing list