[jdev] Jabber Spoofing on unique server

micky501 at free.fr micky501 at free.fr
Mon Apr 4 02:19:39 CDT 2005

Joe Hildebrand <hildjj at gmail.com> wrote :

> And can you let us know what your domain names are going to be, so we can
> blacklist them, please?

The server is for a private use within my company. I work in the laboratory of
R&D so don't worry our server is not available for people from the web. I'm
just looking for some information about the process of authentication and
verification of the "from attribute". My job is improving the security within
my company, not hacking and spoofing Jabber servers all over the world.
Why do you think that giving me the way Jabber verifies the from attribute is
dangerous ? Security must not be built on secret. On the contrary, I think the
more we know, the better we can improve our system.

Hope some people think like me and will help me.


More information about the JDev mailing list