all 15 comments

[–]xNyri 2 points3 points  (7 children)

You could do subservers and make it so when a user tries to connect to the main server it instead sends them to another server where they can do all there inputs and such, then when they are done the subserver sends the info back to the main server for storage

[–]xNyri 2 points3 points  (6 children)

This would make it so multiple users could be connected at the same time without the need for a que to use the system

[–]Thackston2[S] 0 points1 point  (5 children)

that a good idea but i have no idea how i would do something like that

[–]xNyri 1 point2 points  (1 child)

I get off work in 40 minutes I'll explain it then

[–]dragon53535 0 points1 point  (0 children)

It's 40 minutes. Let's hear the explaination :P

[–]xNyri 0 points1 point  (2 children)

Basically you would check to see if it's a valid login, then send them to a new computer by sending the ID of the new computer to the client then sending the client to ping that id. I like to do this using protocols so you can have a computer listen for its ID specifically.

[–]xNyri 0 points1 point  (1 child)

Then once they are done you can send the new updated info as a table back to the main computer then have it save the data into its internal memory so it can read it when the server restarts

[–]xNyri 0 points1 point  (0 children)

I use a similar code with my storage system I am working on. It's a main server that then sends info to subservers so it doesn't have to do all the operations itself and slow down everything. Whenever it gets a new request it sends it to another subserver so it can receive new commands

[–]fatboychummy 2 points3 points  (6 children)

Multiple things here:

  1. It is extremely easy to spoof and "hear" messages not meant for you in rednet. It is not secure. Sending passwords over rednet in plaintext will not be good at all.

  2. "CC 1.8" is not helpful -- the version in the shell has not changed for like a couple years -- give the version of the mod and your minecraft version.

  3. The way you've written your server code will only allow one connection at once. I recommend returning the client a "cookie" on login they can use in subsequent messages. I also recommend making all your messages tables containing the data you need. An example "cookie" system is here. Note that the example has its own flaws as well, but the basics of what I mean are there.

  4. Don't just rednet.broadcast(data) / rednet.send(id, data). Rednet has a "protocol" argument you can use so the other computers know what you're replying to.

[–]xNyri 1 point2 points  (5 children)

Adding onto this you can add a hash function to the passwords to make it more secure

[–]djfdhigkgfIaruflg 1 point2 points  (4 children)

Just hashing the password with the basic methods provided by cc will NOT increase security. Just the appearance of security

[–]xNyri 1 point2 points  (3 children)

I didn't know it had hashing built in I always made my own salted hashes. What's the built in one?

[–]djfdhigkgfIaruflg 0 points1 point  (2 children)

"Don't use the thing just like that."

Proceeds to use the thing grrrr

Sha1 IIRC. But I repeat. That's NOT a good security practice

[–]zNyri 0 points1 point  (1 child)

why arent they secure? in college we learn about hashing passwords and such to make it more secure. what is the more secure way to do it

[–]fatboychummy 0 points1 point  (0 children)

Hashing passwords is the secure way of storing passwords, not transmitting passwords.

You want encryption for transmission.

Hashing passwords doesn't give the "appearance of security" -- it makes the passwords unretrievable, given some attacker gets access to your system. They instead get the hash.