0

I was wondering about creating something that would compare to the titles implications.

There are so many websites that compare prices on goods and how they go about it is quite simple.

Please a file on the clients server, target it with your own server at any specific point in time.

So, within that file any code that is executable would only execute on authorisation.

What I commonly see is:

$required_ip = gethostbyname('admin.mydomain.com');
if ($_SERVER['REMOTE_ADDR'] != $required_ip) {
    die('This file is not accessible.');
}
// Do some stuff like turn the remote product data into xml format and export to your local server

What I would like to find out is firstly, how secure is this method? I am quite sure there are a few ways to get around this and if anyone could suggest a way to bypass this situation then that would be great!

My goal however, is to reverse this process. So that once authenticated, data can be pushed to the remote server. It is one thing to extract but another to input so I am worried that this type of functionality could create serious security issues. What I would like to do, is find out how I could possibly work around that to make what could be a safe "datapusher".

Any advice, feedback or input would be greatly appreciated; thanks in advance!

Craig van Tonder
  • 7,497
  • 18
  • 64
  • 109
  • Why not implement a REST protocol? – J A Jul 18 '14 at 11:14
  • @JA I don't know much about REST but does it require its support to be enabled? If so this would not work on when you are interacting with various installations and types of servers. Would be interested to hear any feedback in relation to this though! – Craig van Tonder Jul 18 '14 at 11:39

1 Answers1

1

(Paraphrasing your questions:)

How secure is it to do a DNS lookup and use that to authenticate a client.

Reasonably secure, though by no means perfect. The first problem is that the IP it resolves to may encompass quite a number of different machines, if it's pointing towards a NATed network. An attacker could pose as the correct remote IP if they're able to send their requests from somewhere within that network; or simply by tunnelling requests through it in one way or another. Essentially, the security lies in the hands of the owner of that domain/IP address, and there are numerous ways to screw it up.

In reverse, an attacker may be able to poison the DNS resolver that's used to resolve that IP address, allowing the attacker to point it to any IP address he pleases.

Both of these kinds of attacks are not infeasible, though not trivial either. If you're sending information which isn't terribly confidential, it's probably a "good enough" solution. For really sensitive data it's a no go.

How to ensure the identity of a remote server I'm pushing data to?

With your push idea, all your server really needs to do is to send some HTTP request to some remote server. There isn't even really any need for anyone to authenticate themselves. Your server is voluntarily pushing data to another system, that system merely needs to receive it; there's no real case of requiring an authentication.

However, you do want to make sure that you're sending the data to the right remote system, not to someone else. You also want to make sure the communication is secured. For that, use SSL. The remote system needs to have a signed SSL certificate which verifies its identity, and which is used to encrypt the traffic.

deceze
  • 510,633
  • 85
  • 743
  • 889
  • Thanks, that was really a perfect answer in in terms of assisting my understanding of this! I do see what you are saying in the first instance in that both types of attacks would be quite hard to accomplish if you already have security in mind. In the second instance, I see authentication as a requirement as I would be manipulating information that is used by various other platforms. Although my server may be pushing appropriate information voluntarily, the chance to abuse this type of access would be quite great and the effects would spell an end of my project :) SSL is the answer it seems! – Craig van Tonder Jul 18 '14 at 11:38
  • Well, true, you may want to prove *your* identity to the other party if you're pushing updates to it. There are many authentication schemes already available, from simple HTTP Auth methods to something like Oauth. Choose an existing standard. – deceze Jul 18 '14 at 12:26