CheapChat: a Java-based chat application

1. CheapChat: a Java-based chat application Nicolas Ducheneaut Mike Gebbie Barbara Rosario SIMS, Spring 2000

2. Chat application with Port Scanner • 2 modules: • Port Scanner • Chat application acting both as a server and a client

3. Port Scanner Possible Ports: (0–1023) (1024–49151) (49152-65535)

4. Port Scanner findTheApplicationPort(Host Address, Start Port, End Port ) Keep Trying… Possible Ports: (0–1023) (1024–49151) (49152-45535)

5. Port Scanner CheapChat “Client” CheapChat “Server” (Port 50005)

6. Port Scanner CheapChat “Client” CheapChat “Server” (Port 50005) Try 50000… Timeout …

7. Port Scanner Invoke! CheapChat “Client” CheapChat “Server” (Port 50005) PortScanner PS

8. Port Scanner CheapChat “Client” CheapChat “Server” (Port 50005) Try 50001… PortScanner Try 50002… PortScannerThreads Try 50003… Try 50004…

9. Port Scanner Connect at 50005 CheapChat “Client” CheapChat “Server” (Port 50005) PortScanner PortScannerThreads Authenticate: “Are you a CheapChat server?”

10. Port Scanner CheapChat “Client” CheapChat “Server” (Port 50005) PortScanner PortScannerThreads Reply: “I am a CheapChat server!”

11. Port Scanner Connect at 50005 CheapChat “Client” CheapChat “Server” (Port 50005)

12. Chat 1: first to start Chat

18. Problems and potential remedies • Main weakness: clear-text administrative messages sent over the communication channel • > Solution: use two separate data streams instead • No way to know in advance if someone is on-line • > Solution: adapt the port scanner and use it before the application is launched

19. Thank you for your attention Questions? Comments?