[Discussion] Packet editing.

[Tony]

Since The enigma Protector is really good in protecting its exe from memory editing. But what protecting an exe that will send packets to a server. Tools like Packet Editors and stuff, anyway ways we could prevent packet editing? Blocking the software from the process block is kinda useless because there any many scripts to Mask a software.

[scorillo7]

You are a man in a mission,Tony.Don't you?

[Tony]

A mission to make The enigma protector better. So, do you have any ideas?

[scorillo7]

Tony,i think you do not understand very well how protocols work and how app comunicate with servers.It is very difficult what you wanna do.
Enigma do not interfere with how code inside work,it must deliver after protection the same results as one not protected.If "scramble" the comunication between server and protected app then you have a problem.Let's say you are polish and i am polish too ,if enigma interfere and transmit in russian language ,i(server) do not understand nothing.The same language must be in the both way.the single way to rezolve that is a ssl comunication.You say stopping the packet editing tools is the way,i dissagree with this.You never,never stop the sniffing tools to run.May be you see some inconsistent logic here but i go to the source of you're problem

[Tony]

Yes, I am not talking about encrypting or modifying the packets, maybe we could find a way so enigma could check the packets if they were modded with the same structures,signatures or whatsoever.

[scorillo7]

for the sake of disscution,how can enigma will protect unless communicate with protected app.first protected app must send this packet to Enigma create some sort of hash and then send it to server.I'm very skeptical that it can be done because direct is not possible.So one aproach is the enigma to make same that a packet editor do, but must be ALWAYS at the very ending of flux after any packet editor.From my point of see i think is not direction where enigma must go next,it has many things behind(not protection) like Online Activation of the key,improvement of reverse clock function.This is direction to catch more customers,but direction of development is exclusive to Vladimir.
Remember Tony that Enigma is firstly first a comercial app,it must generate revenue, and i as programmer or customer i'm not interested in protecting the packet flow or integrity flow for a app because i can protect this with ssl or encrypting the request to the server.Problem solved for me.Which interested me (and i guarantee for other) is to have control over the protected application which i sold.

[Enigma]

scorillo7 - thanks for the useful posts!

Tony, I also agree with scorillo7:
- this method really requires 2 sides development, one on the client side (imagine it is Enigma protected application) and the server (no ideas what is it) that will check valid or no requests it gets,
- even if this will be done, do you think packets editors could not modify signed/hashed requests? They can!
- as scorillo7 saied, maybe try SSL conncetion?

[Tony]

Thanks for the advice folks. I was a bit confuse myself. So there is any other way I could stop packet editing from client side? Or do I have to go to the SSL connection on server side?

[Enigma]

Looks like you really have to look at the SSL. I do not think you find another quicker solution.

SSL itself is what you are looking for, it encrypts packets, and also hashes them to avoid getting invalid data.