0
2.6kviews
Explain the TCP/IP Vulnerability i.e., Layerwise well known attacks
1 Answer
1
45views

TCP/IP Vulnerabilities Transmission Control Protocol/Internet Protocol(ТСР/IР)

  • Suite of protocols that underlie the Internet
  • Comprises many protocols and applications
  • Common language of networked computers
  • Makes transferring information fast and efficient
  • IP has tools to correctly rout packets
  • ТСP is transfer between host computers esponsible for safe and reliable data Illegitimate users take advantage of TCP/IP vulnerabilities

  • By exploiting the "three-way handshake" Unauthorized users may launch a denial-of-service attack on the destination computer

  • Floods network with so many additional requests that regular traffic is slowed or completely interrupted 1

Data Encapsulation

  • Enclosing higher-level protocol information in lower- level protocol information
  • Also called data hiding
  • Implementation details of a class are hidden from user

IP (Internet Protocol)Internet Protocol (IP)

  • Transmits data from source to final destination
  • Network protocol operating at layer 3 of the OSI Model
    • And layer 2 or 3 of the TCP/IP Model
  • IP is connectionless
    • No guarantee of delivery of packets to the destination
  • IP routes packets over network hardware

  • IP addresses formats

    • IPV4 (32-bit address)
      • Usually written as a dotted-decimal, e.g., 192.168.100
    • IPV6 (128-bit address)
    • Usually written as eight groups of four hex digits, e.g., 2001:0db8:85a3:08d3:1319:8a2e:0370:7334
  • IP address exhaustion date

    • Approximately the beginning of 2011
  • IP packets often arrive out of sequence

    • Vulnerability that attackers can exploit
  • When a large IP packet is sent over a network, it is broken down
    • Called fragmentation

ТСР

  • Uses a connection-oriented design
    • Participants in a TCP session must create connection |
  • Connection is called the three-way handshake
  • Provides connection-oriented services between a source and destination computer
    • And guarantees delivery of packets |
  • Packets reach the application layer in the right order
    • TCP identifies and assembles packets based on - sequence numbers

Connection Setup and Release

  • Three-way handshake sets up and releases a connection
  • TCP packet flags: URG,ACK, PSH,RST,SYN, and FIN
  • Packets can have more than one flag set
    • Normally a packet will have only one flag sent, except with SYN/ACK or FIN/ACK
  • Three packets in a TCP connection: SYN --> SYN/ACK --> ACK

Connection Setup

  • Source computer delivers a SYN packet to the destination computer
    • Packet has the initial sequence number (ISN)
    • ISN is indicated by whether the SYN bit is "set"
  • Receiving computer transmits a SYN with an acknowledgment, ACK
  • Source computer sends an ACK to the destination computer as a response
    • With an "in-range" sequence number

Connection Release

  • Source computer sends a FIN packet to the destination computer
  • Destination computer then sends a FIN/ACK packet
  • Source computer sends an ACK packet -
  • Either computer could send an RST and close the session (reset) immediately
Please log in to add an answer.