On Fri, 01 Jul 2005 14:37:18 EDT, Tim said: > > Give them a DLL that just tosses an RPC call to a secured server that you > > manage. > > And how would your server differentiate between a "good" RPC call and a > "bad" one? Well - you *do* have some idea of what sort of abuse you're trying to stop, right? If they're not allowed to call it more than X times/hour, rate limit your RPC server. Or apply whatever other checks you want to. At least you (hopefully) don't have to worry about the user running your server under a debugging tool to reverse engineer it. :)
Attachment:
pgps4G9FhwUOG.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/