  1. #1
    Join Date
    Apr 2006
    Posts
    47

    How Firewall & Spyware Apps might affect your application?

    I need to open a socket to grab packets from an outside server. I have many questions about this undertaking.

    The socket needs to transfer data back and forth between the client and the server.

    * Is there an easy framework for this in MFC?
    * Static vs. Dynamic port requests.... Should we use the same port each time we run the application? Or should we use dynamic ports?
    * If we use dynamic, does that mean the Windows firewall will pop up a message saying "Hey, please verify that you want this app to access the internet"?
    * If we use static ports, how can we guarantee that no other app is using the same port when we request it the first time?
    * If we use static ports, how do we prevent other applications from stealing our assigned port?
    * Do developers usually go to the firewall makers and try to get their applications pre-approved?
    * Is there a way to be 'pre-approved' for most firewalls?

    Spyware Questions (we certainly aren't spyware, we just want to make sure we're not labeled as such):
    * Are there any certification programs you can go through to verify your app is not spying?
    * Are these effective in terms of convincing users you're a good person?
    * Same kinda question as above: is there a way to get pre-approved by spyware companies and let them know who you are so they won't label you as such?
    * Any other hints in terms of not being labeled this app-killing adjective?

    Thanks very much in advance!

  2. #2
    Join Date
    May 2001
    Location
    Oslo, Norway
    Posts
    610

    Re: How Firewall & Spyware Apps might affect your application?

    1. Look up the 'CSocket' class. It's part of MFC for dealing with IP network communication. Not very professional, but can give you a good start. If you know how networks work and have programmed them, it would be easier; if you don't, I would recommend you learn the Berkeley socket API (it's more of a standard than MFC), WinSock (WinAPI implementation of sockets), and generally about 'sockets' as a concept.

    2. Both are quite smart ideas for two different reasons. The IANA organisation is an authority keeping track of well known registered port numbers, and they have pretty much all 65535 ports reserved. Which also means that you cannot trust it too much, since there is definitely more than a single app per port, BUT it IS an authority, and firewall makers and such do listen to them. You CAN register your own port number as static with them, and gradually firewall makers will adopt your number. It's a question about trust, time-test, and popularity. Dynamic ports are also a good idea, because they give you flexibility (find first available port) and 'stealth' (like operating on a random radio frequency). Most apps use both approaches, especially not very well known ones: they have an 'official' port, but since it is not widely accepted yet, they also allow for arbitrary port input. It all depends on what level of penetration you are aiming at with the app. Skype was going big, and they needed a very well defined set of ports, because they are highly dependent on firewalls to support them.

    3. Yes. Unless it is a traffic-inspection rule based firewall, it will have an accept-deny rule for port numbers as opposed to traffic (like HTTP), and cannot identify the same traffic on different port numbers, so it needs a strict rule as to which number is 'allow' and which is 'deny'. Put shortly, the dynamic port model will have a simple firewall pop up a warning. And since most firewalls are simple in this regard, you are worse off with dynamic ports.

    4 and 5. IANA again. It's like "first man to the mill". Make sure your port number is not occupied, have it registered and wait. If everybody follows this approach, port conflicts will not happen so often. You can also have a second reserve port number (registered as well), in case your primary port number is conflicting too much. You cannot use an occupied (in use) port, period. This means no one else can steal the port number in use by you, either.

    6. Yes, they do. That's why big shot companies usually have no problem.

    7. No, not unless you either use a well known port number such as one for SMTP traffic (25), or your traffic 'fingerprint' resembles known traffic schemes such as HTTP, SMTP, POP etc.

    Spyware
    -----------

    1. There exist a number of authorities which provide these kinds of services, and given the varying degree of influence, you will gradually get a good reputation from them, if your app indeed is good-ware. Microsoft offers a "Designed for Windows XP" thing; it's a very good sign that your app is good. I don't know exactly how to proceed with these things, but there is a way. Makers of anti-spyware (Ad-Aware etc.) software also offer, free or for a fee, to verify your app and put it on their list of "approved" applications.

    2. Yes and no. Depends on their own influence. Nobody can convince a user as much as their own home-grown trust in your service. If you made a malware app, and miraculously have it "Designed for Windows XP" certified, your popularity will stagnate and you will end up in hell anyway. The Internet community is pretty fast with catching up to reality.

    3. Look at #1

    4. Write good code, don't create esoteric APIs such as Sony's Sonic Stage software requiring three NT services running in the background, even when it is not in memory itself. Keep it simple: if you are building a desktop GUI application for a simple thing, don't complicate things too much, or you risk having your app labeled as "heavy and intrusive", and that's a step towards the spyware world.
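
The port behaviour discussed in the reply above (an 'official' port with a dynamic fallback, and a second application being refused a port that is already in use), as an added example that is not part of either post. It uses the Berkeley socket API on a POSIX system; the function names and the port number 5150 are illustrative assumptions.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Added example (hypothetical helper names). Bind a TCP listener to `port`;
 * port 0 lets the OS pick a free dynamic port.
 * Returns the socket and stores the bound port, or -1 with errno set. */
static int listen_on(unsigned short port, unsigned short *bound)
{
    struct sockaddr_in addr;
    socklen_t len = sizeof addr;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    memset(&addr, 0, sizeof addr);
    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl(INADDR_ANY);
    addr.sin_port = htons(port);
    if (bind(fd, (struct sockaddr *)&addr, sizeof addr) < 0 ||
        listen(fd, 8) < 0 ||
        getsockname(fd, (struct sockaddr *)&addr, &len) < 0) {
        int saved = errno;   /* close() may overwrite errno */
        close(fd);
        errno = saved;
        return -1;
    }
    *bound = ntohs(addr.sin_port);   /* the port actually assigned */
    return fd;
}

/* Prefer the "official" port; if it is occupied, fall back to a dynamic one. */
static int listen_preferred(unsigned short preferred, unsigned short *bound)
{
    int fd = listen_on(preferred, bound);
    if (fd < 0 && errno == EADDRINUSE)
        fd = listen_on(0, bound);
    return fd;
}

int main(void)
{
    unsigned short port = 0;
    int fd = listen_preferred(5150, &port);  /* 5150: arbitrary example port */
    if (fd < 0) { perror("listen"); return 1; }
    printf("listening on port %u\n", port);
    close(fd);
    return 0;
}
```

On Windows the same calls are available through WinSock after `WSAStartup`, with the error reported by `WSAGetLastError()` as `WSAEADDRINUSE`. Setting `SO_EXCLUSIVEADDRUSE` before `bind` there stops another process from sharing the port through `SO_REUSEADDR`.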
