Socket Security

Microsoft documents a possible network security risk in the Windows socket implementation when using a network socket with the SO_REUSEADDR option. The possibility exists for a network application to steal the port of another application, which could lead to a “denial of service” attack or data theft.

In general, socket security applies to a server-side network process that binds to a specific port in order to accept connections and receive IP datagram traffic. A client application can also be affected if it must bind to a specific port.

The Windows socket implementation provides the SO_EXCLUSIVEADDRUSE socket option that should be used if socket security is a concern in your application. For more information regarding the use of SO_REUSEADDR and SO_EXCLUSIVEADDRUSE, please see:

msdn.microsoft.com/en-us/library/windows/desktop/ms740621%28v=vs.85%29.aspx.

The following examples demonstrate setting the SO_EXCLUSIVEADDRUSE socket option using the Networking package.

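// TCP sockets
RWWinSockInfo winsock;   // initializes Winsock for the lifetime of this object
RWInetType type;
RWSocket socket(type);
// Request exclusive use of the address; set this before the socket is bound.
socket.setsockopt(SO_EXCLUSIVEADDRUSE, 1);
socket.listen();
...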

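// UDP sockets
RWWinSockInfo winsock;   // initializes Winsock for the lifetime of this object
RWSockType udp("inet", AF_INET, SOCK_DGRAM, IPPROTO_UDP);
RWSocket socket(udp);
// Request exclusive use of the address; set this before the socket is bound.
socket.setsockopt(SO_EXCLUSIVEADDRUSE, 1);
...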
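
A regression check for the behaviour described above, added here as an example (it is not Rogue Wave or Microsoft code), written in Python so it runs without the Networking package. The function names are hypothetical; SO_EXCLUSIVEADDRUSE is defined only on Windows, so on other platforms the option is skipped and the check exercises the platform default.

```python
import socket


def listen_exclusive(host="127.0.0.1", port=0):
    """Bind and listen on a TCP socket, requesting exclusive use of the
    address where the platform provides SO_EXCLUSIVEADDRUSE (Windows)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        opt = getattr(socket, "SO_EXCLUSIVEADDRUSE", None)  # Windows only
        if opt is not None:
            # Must be set before bind() to have any effect.
            s.setsockopt(socket.SOL_SOCKET, opt, 1)
        s.bind((host, port))  # port 0: let the OS pick a free port
        s.listen(5)
    except OSError:
        s.close()
        raise
    return s


def port_can_be_rebound(addr):
    """Return True if a second socket that sets SO_REUSEADDR is allowed
    to bind to addr while the first socket still holds it."""
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        probe.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        probe.bind(addr)
        return True
    except OSError:
        return False
    finally:
        probe.close()


def self_check():
    """Start an exclusive listener on loopback and report whether its
    own port could be taken by a second bind. Expected result: False."""
    server = listen_exclusive()
    try:
        return port_can_be_rebound(server.getsockname())
    finally:
        server.close()


if __name__ == "__main__":
    print("port can be re-bound:", self_check())
```

A result of True from `self_check()` means the listener's port is shareable and the socket options of the server under test need review.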