When you enable the optional internal HTTP server, what is the risk of hackers utilizing http?
Do you enable a complete, commercial HTTP server or just a special, limited program for Winflector?
thanks for the insight.
Bob
Forum
>
Product technical support
>
What hacker risk from use of internal HTTP server
Zaloguj się aby móc pisać na forum.
|
Autor: BobBob Data: 2018-07-19 01:28:42 |
|
|
Autor: Mirek (staff) Data: 2018-07-20 14:54:50 |
There is always a risk... The HTTP/HTTPS server is embedded in Winflector server. It is very limited version only for use with Winflector. From version 396.x it uses additional SSL protocol for encryption. |
|
Autor: BobBob Data: 2018-08-02 21:37:44 |
Support staff posted additional information in the thread "Running Apps via Winflector from a Mac" https://www.winflector.com/store/forum/topic-view/id/360 "the HTTP server is our own internal implementation. There is nothing to steal, nothing to inject, no commands to hack. Plus there is a SSL layer and our own encryption algorithms." This provides additional information that shows they are not just implementing a separately build IIS-type server in their software. eliminating the potential for "injection" attacks is key to the security. IMHO Bob |
1
Zaloguj się aby móc pisać na forum.
