MSMQ questions

**nospam** · November 15th, 2003, 11:02 AM

dear all:

1. after a message is queued for sending on the MSMQ client, can the sender modify the content? if so, how can i prevent the user from modifying the content?

2. how can i find out the identity of the user who sent the message at the server side?

3. do i need to install any additional software for win2k and xp if i want to send messages using MQ?

thanks.

**Andreas Masur** · November 15th, 2003, 05:15 PM

[Moved thread]

**Waldo2k2** · November 20th, 2003, 09:35 PM

Well, I don't know everything about it, but, with sender being the software, yes it can modify it, but I assume you're referring to the user, in which case no the user cannot modify the data after it enters the queue. At that point the software has control of it.

**nospam** · November 21st, 2003, 05:16 AM

thanks... can the user write a program to modify stuff in the queue before it's sent out?

**Waldo2k2** · November 21st, 2003, 01:47 PM

yes it's possible to do such a thing if the user knew enough about the structure of the program's queue...I dont' think most people could do this, or would waste their time doing so. I'd say less than 1% of the people who are programmers would even attempt...what's your application of this like? Why is this so important (for curiosity's sake).

**nospam** · November 21st, 2003, 07:55 PM

thanks again... it is an enterprise security logging system. we don't want users to be able to modify the secuirty logging information that is queued before sending to the centralized logging server.

**Waldo2k2** · November 22nd, 2003, 12:35 AM

Well I suggest first encrypting the information using at least 128 bit encryption. Then, force the server to acknowledge whether information has been sent or not, if not, little red lights go off and someone is tampering with the system. Pretty straightforward.

Thread: MSMQ questions

Thread Tools

Display

MSMQ questions

Posting Permissions