We are developing a TCP client tool which connects to one of our TCP servers. We send custom packets from the client to the server which the server knows how to intercept. On our server we wanted to know from which client machine the packets are received. Is it ok to send the Hostname of the client machine in the packet?
The bigger concern is for cases when the client machine is a machine in a corp network?
Thanks in advance
Sending the client name in a clear text over the internet is indeed information disclosure. What is the impact of this depends on how your corpnet is configured and secured. If you want to ensure that you have mitigated any potential threats, you should encrypt the client name in the packet and subsequently sign the packet to ensure integrity. Of course, that has associated cost, so it's up to you to assess whether the perceived threat warrants incurring that cost.
What will you be using the host name for? Can you simply use the IP address, which you have because you have an established TCP connection?
-Brian J. Stinar-