The Socket class requires the SocketPermission.Accept permission to create a listening socket, and the SocketPermission.Connect privilege is required to connect a remote socket. These permissions apply to all instances of the Socket class, including TCP and UDP.
Code access security defines a security policy that grants different privileges based on the zone in which the application is running. There are three zones: My Computer, Local Intranet, and Internet. The My Computer zone defines any application run from the local computer, and Local Intranet consists of applications run from network shares residing on the Local Area Network (LAN). The Internet zone is the network beyond the LAN, such as a Web server on the Internet.
In version 1.1 of the .NET Framework, both the SocketPermission.Accept and SocketPermission.Connect permissions are granted only to applications run in the My Computer zone. Code executed from either of the other two zones will result in a System.Security.SecurityException being thrown. As an experiment, create a network share on your local computer with the SimpleServer.exe sample (in the Chap08\SimpleSocket folder) in it. Map a driver letter to that share, and execute the sample from the mapped drive. An exception will be thrown. Of course, the default policy might be changed to allow this connection.