Can people hack my network sockets?

Very simple question. But I just cant seem to find the answer on the internet, much less the question even. From what I know, sockets are the endpoint between bi-directional communication. So does that mean that the only people who can get access to the data that is being sent and received is are the people who are running the sockets? Or can someone, like the government, collect the data from between the server and client sockets?

And another question. If a computer’s IP address changes if the person on the other end of a socket powers off and then powers back on. Then how can it be possible for two different computers on two different networks to “stay connected”?

With normal “Internet traffic” (i.e. TCP/IP and UDP/IP), any number of people have the opportunity to intercept your information as it goes from your computer to another computer. You cannot fully hide the fact that you are communicating with somebody (though you can may it very difficult though Tor) but if you use the correct encryption then you can prevent them from understanding what is being sent.

If you want to have 2 computers stay connected every time they connect up, then you have to have at least 1 computer that has a statically assigned IP address. That might be one of the 2 computers in question or it might be a 3rd server. For example, Skype keeps a set of server/nodes running with known address. When you start your Skype client, your machine registered its address with the static machine and asks those machines for the address of the people in your contact list. That is how you are able to call and be called directly. If you have only 2 machine then one has to have a static address so that every time the other one starts up it can call the static machine and connect up.

Having 2 machines with dynamic address cannot ensure that they will always be able to connect. Though dynamically assigned IPs from ISPs tend to change rarely.

That was VERY informative. And my guess is that the ONE computer that DOES have the static ip address, is the one that the server socket must be running on. As apposed to the client. Right? If then, what if my static machine is a laptop or a netbook? Would the ip address change as it connects to various different networks since its mobile?

typically how any ip connection works is, lets say you connect to FTP (port 21), generally speaking, multiple sockets will open (at random numbering) and be "forwarded) to port 21. The traffic is “tagged” on the way out and on the way in. Actually “sniffing” the data packets generally has so much noise that it’s hard to cypher. There are plenty of freeware apps out there that can “Sniff” those packets and parse useful info, but there still isn’t a way to tell what is exaclty what. the reason people use HTTPS or TOR is because tor encrypts the packets in between multiple connections, each having their own encryption key with a master key being on the “end”. IN regards to game, your easiest manner is just encrypt the data via SSL, but good luck w/ resonable ping times as each one of those processes takes time to decrypt before being “read”.

So if client connects to host on port X, multiple sockets are opened on both the server and client without matching socket numbers, to help speed up the process and to prevent data collisions on the same port. The whole point of a router is to figure out where the data is trying to get.

So sockets that are spawned after the initial connection are meant for speed and less data collisions… but I suppose I could get away with using only a single socket connection if I just wished to transfer simple strings, like a peer to peer chatroom. Right? And if I structured my program to “be nice and take turns with its counter socket” when transferring simple strings, could I avoid collisions?

Your IP won’t necessarily change just because you are using a laptop or a netbook. Most laptops/netbooks are configured to ask the access point what their IP address should be when they connect up to the AP. That is a feature so that it is very easy to connect to different wireless networks. It is possible to get a static IP address (you have to request this from your ISP) and tell a laptop to use that address. Then the laptop would only easily work on your home system but its address would stay the same. If you were on a home system behind a your router/AP then there are port forwarding/NAT issues that you have to address to get your laptop to be truly globally accessible.

If you use UDP connection then you only need a single socket open to exchange data. The downside is that there is no guarantee that the data you send across the network will arrive (most of the time it does) or if it will arrive in the order that you sent it. If you use a TCP connection then only 1 client can use a socket at a time and it works szupek describes.

With a UDP system it is straight forward to simply read data from a single socket, see who the data is from, and process it accordingly. With TCP you have to setup a state system and there are events that you handle. You get an event when a client tries to connect and then ‘accept’ that connection which automatically spawns the new socket. Then you have to keep track of that socket/connection and read/write data on it and eventually close it down.

Gosfather, you heard something but had no idea, let me tell you in simple how computers communicate.
You go to a web site, actualy try nslookup
Your going to some IP address (nslookup resolves a DNS name to an IP).
But then you know their address specific service from
For that you need to go for a specific room number, room 80 handles web trafic.
And not only room 80, often also room 8080, or some number choosen by the destination server.

So then you can brouwse to google
Its not that google can brouwse to you, first of all you dont have a room 80 at your apartment as you dont run a web server.
And also your firewall know that web trafic is to from your requests on the internal side only.

But then you want to send an Email, Email isnt handled by room 80, thats done by room 25 of
There you can sent your email to their mail server, but to retrieve Email from their server… well then you might need another room number
for example room 110, oh sure they have sky scrapers there.

So You use an application, that make use of an IP netwerk to find servers, where you use protocols who talk to a room number, acka socket.
A computer uses sockets depending on the software that is installed on it, and there are standard room numbers, and sometimes they change room numbers, here is list of such numebrs on wikipedia

And whats that UDP /TCP talk ?..
Well all applications use TCP or UDP or both as a way of talking.
For example an Email or a website uses TCP, so every email data is controled delivered with a recieve validation return.
But sometimes you dont care that every data is guaranteed delivered and resend if data was missing.
For example when you do video skype, your more concerned that your voice is clear, while the video stream might be blurry once in while. To make that possible they dont check if all data got recieved and they dont resend data, they just boradcast and you just recieve what you can, and if you miss a bit of data it wont be a problem, because you dont mind much about it, as delivery checking would only take more bandwidth from you video stream.

If you have to request a static ip address from the isp. Then why are there so many articles online that make is sound as simple as a command prompt routine?


so basically, the internet is comprised of sockets!! Thats awesome how sockets are part of pythons standard library.

It is usually fairly simple to configure a computer to have a static IP address once you have the address. But you have to get that address from your ISP.

All the computers on the Internet have an IP address assigned to them. Just like if you want to call somebody on the phone, you need to know their phone number. Most computers on the Internet work are like people working in a call center. They spend all day calling people and talking to them, but nobody calls them back. The people in the call center don’t generally know their own phone number. They dial out and get the company gives them a phone line to make their call. All that matters is that the call center can reach the person they are trying to talk to.

That is how your laptop works most of the time. Your laptop calls people (Google, Facebook, BlenderArtists, etc) and you know their number. You have a number too, but since nobody has to call you back, you don’t even know what that number is.

You want people to be able to call you directly, so now you need a number (IP Address). Each computer has to have a unique address just like you can’t have 2 phone with the same phone number. Normally, your ISP does not give you a fixed number because 99.99% of their customers just need to call FB and Google. So they get a random address for a period of time and that number later gets reused when you are done with it.

If you want a static address, then you have to get it from your ISP because they have to setup their system to know that you always get the same address and that address should not be given to anybody else. You cannot pick your own address because you have no way to know what address are not being handed out dynamically and your ISP won’t know how to route traffic to you.

Yes, “The Internet” is made up of sockets. “The Internet” is a network of networks connected though an agreed set of rules called the “Internet Protocol” or IP. Data moves though The Internet as TCP packets or UDP packets and hence the Internet is data moving around networks by TCP/IP or UDP/IP.

Python has a built-in support for TCP/IP and UDP/IP programming because that is how you access The Internet.

If i want to connect my two computers that are on two different networks. Must my client connect to my server using the servers WAN address? Or my 192.168?

Moved from “Coding > Python Support” to “Support > Other Software”

If they’re on different networks, you want to be using their external addresses.

Essentially, the internet works on a random forwarding system, which is why it is so flexible. Read this for some basic information

That is a private network address. It means that it doesn’t route through the internet and that you have a network address translator (NAT) in your home router. Your router asks one IP from the ISP (WAN address) and gives a private network address to all computers connected to it (LAN address). Unless you specify some routing rule yourself, no one can open a connection directly to your computer because all that is seen from the outside is the WAN address. Any incoming connection attempt would fail.
If you initiate the connection on the other hand, then it’s possible to establish communications because now your router knows which computer is talking and also knows to send the responses back.

I have my client try to connect to my server via the WAN address but still no luck. Im pretty sure i forgot to allow the client through firewall… ill get back to you guys