polarbear316
October 3rd, 2008, 01:28 AM
Background:
We are having a problem with ftp users deleting content either accidently or intentionally. Unfortunetly the ftp logs only log an occurance of a download or upload, it doesnt log deletions renames etc. Furthermore our virtual host does not allow changing an ftp accounts permissions. So any ftp account that is setup has full read full write no matter what. The virtual host will not setup / or tell us how to make an ftp account with read only access. And at this point in time we cant switch hosts either or get our own server.
To work around this I created a Java ftp program(for cross platform compatibility) with only read functions absolutely no write type functions. The application verifies the user using there regular site information, then sends a encrypted login info. The program then decrypts and uses the info. The problem is any user having a packet sniffing program could look at the traffic to find the login information to the ftp account.
So now instead of using java im thinking about using C++ to do the application, so that I could do something to stop the use of packet sniffing or like programs.
The thing is im not that knowledgeable in this area. So what i am asking for is for some way of denying packets to any other program besides the ftp client that i make. So far my logic has led me to believe i could do something like api hooking to accomplish this.
I know a good enough amount about api hooking and such. At least thats what i think im going to have to do (hooking into the apis) just dont know where to start
I know there are librarys like winpcap and the *nix version librarys for packet sniffing but Im not sure those can be used to bloke the packets also, plus i would like to learn how to program it myself.
Now for this u can assume the program will run on 98/XP/Vista. I will also programming for linux and mac so if anyone is knowledgeable in those areas feel free to drop the knowledge, but its not required as i want to get a windows version working first
Also if there's weak spots in doing it this way it wont matter as we have already agreed that only a small percentage of our users would know how to get around such things and if they do we just let it go and try to track them down through some logs even though most of them dont log what we want.
We are having a problem with ftp users deleting content either accidently or intentionally. Unfortunetly the ftp logs only log an occurance of a download or upload, it doesnt log deletions renames etc. Furthermore our virtual host does not allow changing an ftp accounts permissions. So any ftp account that is setup has full read full write no matter what. The virtual host will not setup / or tell us how to make an ftp account with read only access. And at this point in time we cant switch hosts either or get our own server.
To work around this I created a Java ftp program(for cross platform compatibility) with only read functions absolutely no write type functions. The application verifies the user using there regular site information, then sends a encrypted login info. The program then decrypts and uses the info. The problem is any user having a packet sniffing program could look at the traffic to find the login information to the ftp account.
So now instead of using java im thinking about using C++ to do the application, so that I could do something to stop the use of packet sniffing or like programs.
The thing is im not that knowledgeable in this area. So what i am asking for is for some way of denying packets to any other program besides the ftp client that i make. So far my logic has led me to believe i could do something like api hooking to accomplish this.
I know a good enough amount about api hooking and such. At least thats what i think im going to have to do (hooking into the apis) just dont know where to start
I know there are librarys like winpcap and the *nix version librarys for packet sniffing but Im not sure those can be used to bloke the packets also, plus i would like to learn how to program it myself.
Now for this u can assume the program will run on 98/XP/Vista. I will also programming for linux and mac so if anyone is knowledgeable in those areas feel free to drop the knowledge, but its not required as i want to get a windows version working first
Also if there's weak spots in doing it this way it wont matter as we have already agreed that only a small percentage of our users would know how to get around such things and if they do we just let it go and try to track them down through some logs even though most of them dont log what we want.