[jdev] Jabber Spoofing on unique server

Alexey Nezhdanov snake at penza-gsm.ru
Fri Apr 1 04:44:50 CST 2005


В сообщении от Пятница 01 Апрель 2005 11:51 micky501 at free.fr написал(a):
> > Dialback prevents hostname spoofing. Servers are also required to
> > enforce the from address to make sure that it matches the username
> > with which the client authenticated.
> >
> > > Does someone know how to spoof a JID ?
> >
> > Um, we deliberately made that hard to do.
>
> Great !! Another reason for users to prefer Jabber to MSN !!
>
> But I'm working on a subject where I have to proove that we need tokens to
> authenticate the users who want to chat with our IM client (based on
> Jabber). For this reason, I'm looking for a way to spoof a client ID. Even
> if it's hard to do, I would like to know where I can find the description
> (or the source code) of the mechanism employed by a Jabber server.
You will be able to do that within your and only in your server. You will need 
to modify server code probably, so read the docs that come along with server 
and read source code.
>
> Thanks
> Michaël


-- 
Respectfully
Alexey Nezhdanov




More information about the JDev mailing list