Home All Groups Group Topic Archive Search About

Binary Formatter not suitable accross firewalls

microsoft.public.dotnet.framework
Author
25 Feb 2006 6:46 AM
Sathyaish
[QUOTE
src="http://www.codeguru.com/Csharp/Csharp/cs_syntax/serialization/article.php/c7201/"]
The BinaryFormatter class is generally not appropriate when data is
meant to be passed through a firewall.
[/QUOTE]

Why?

Author
25 Feb 2006 12:11 PM
Vadym Stetsyak
Hello, Sathyaish!

S> [QUOTE
S> src="http://www.codeguru.com/Csharp/Csharp/cs_syntax/serialization/artic
S> le.php/c7201/"] The BinaryFormatter class is generally not appropriate
S> when data is meant to be passed through a firewall.
S> [/QUOTE]

IMHO the author meant that Firewalls are performing some sort of data analysis when checking data traffic. The possibility that they suspect something in binary data is large. Firewall will 'think' that data is malicious and won't pass it. Thus receiver will not get the data and you will have probems.

OTOH is depends what channel you use. If you're using some custom protocol to transfer data, then there is no difference what the data is SOAP message or binary one. If you use for instance HTTP then binary data is simply wrapped with HTTP header info and sent over network.
--
Regards, Vadym Stetsyak
www: http://vadmyst.blogspot.com
Author
25 Feb 2006 6:03 PM
William Stacey [MVP]
That is only because for some reason people have the impression that
anything non-http on port 80 is a problem.  It is not.  Remember your just
sending bytes over TCP.  That would be like saying any byte stream using tcp
will have issues.  If that was the case, ftp, telnet, smtp, dns, etc, would
all have issues.  It is true, however, that by default many firewall admins
allow http over port 80 and specific known tcp ports like ftp and smtp and
block everything else by default.  So they manage by exception - which may
be reasonable.  So the real issue is the firewall rules, not the
binaryformatter.  If the rules allows your port over tcp, then all should be
well.  If not, then your blocked.  This is not an issue in my mind.  Just
need to decide what to block and what to allow at the firewall.

--
William Stacey [MVP]

"Sathyaish" <sathya***@gmail.com> wrote in message
news:1140849969.453434.99720@t39g2000cwt.googlegroups.com...
| [QUOTE
|
src="http://www.codeguru.com/Csharp/Csharp/cs_syntax/serialization/article.php/c7201/"]
Show quote
| The BinaryFormatter class is generally not appropriate when data is
| meant to be passed through a firewall.
| [/QUOTE]
|
| Why?
|

AddThis Social Bookmark Button

Post Other interesting topics
test for .net 2.0
Custom paper size problem
My website : Opinions please.
Exceptions thrown by Web Services
Sortable, Bindable Object Collection?