network python programming: Updated Sun, 02 Oct 2022 06:32:42 GMT

How do I keep Python Sockets secure for Multiplayer Games?

I'm making a simple multiplayer game in Python. No personal/important data will be transferred between the server and client. I am using the Python sockets library to communicate between the client and the server.

However, I have done nothing special for security. I'm worried that someone could hijack the client-server connection of another player and control their actions in the game. Is this possible? Should this be a security concern, or are Python sockets safe from tampering?

Solution

Assuming this is a TCP connection, generally another player wouldn't be able to hijack the established client-server connection of another player.

However, someone controlling their network (the ISP of the player, the owner of the wifi it uses to connect, etc.) would be able to:

view the contents of all packets transferred (including any authentication data)
modify the commands sent
replace their connection with its own
MITM connections to the server

You could avoid this by doing your communication on top of TLS, instead of bare sockets.

References

https://security.stackexchange.com/questions/263731