Seeking advice on how to proceed.
Best Answer
-
With a server plugin running, you'd have to check if you got any message earlier and skip processing.
A simple approach would be to add a sequence number. This can be hacked easily, of course, if it's just one number somewhere in the data. There should be ways to encode the sequence into the data or you simply encrypt the message.
Disclaimer: I am not a security expert, nor does the Photon team provide security consulting as such. So consider this a simple idea and make sure you know the implications of this.
0
Answers
-
Hey guy, try that
__________________
private bool replay=false;
If (replay==false&& otherCondition==true)
{
ReplayAttack()
replay =true;
}
/*Then you reset replay to false in other moment that you need to ReplayAttack again*/
0 -
Thank you for your reply.
But the answer I want is to prevent replay attacks on my backend server.
There is no way to check when the resulting processing is sent from the client to the backend, so when sending the same information over and over again, I want to process the same information only once.
0 -
With a server plugin running, you'd have to check if you got any message earlier and skip processing.
A simple approach would be to add a sequence number. This can be hacked easily, of course, if it's just one number somewhere in the data. There should be ways to encode the sequence into the data or you simply encrypt the message.
Disclaimer: I am not a security expert, nor does the Photon team provide security consulting as such. So consider this a simple idea and make sure you know the implications of this.
0