Ask
Login
0
3.2kviews
Explain the TCP/IP Vulnerability i.e., Layerwise well known attacks
written 7.8 years ago by gravatar for teamques10 teamques10 70k modified 3.7 years ago by gravatar for 19bcs3866 19bcs3866 10
system security
ADD COMMENT EDIT
1 Answer
1
59views
written 3.7 years ago by gravatar for 19bcs3866 19bcs3866 10

TCP/IP Vulnerabilities Transmission Control Protocol/Internet Protocol(ТСР/IР)

  • Suite of protocols that underlie the Internet
  • Comprises many protocols and applications
  • Common language of networked computers
  • Makes transferring information fast and efficient
  • IP has tools to correctly rout packets

  • ТСP is transfer between host computers esponsible for safe and reliable data Illegitimate users take advantage of TCP/IP vulnerabilities

  • By exploiting the "three-way handshake" Unauthorized users may launch a denial-of-service attack on the destination computer

  • Floods network with so many additional requests that regular traffic is slowed or completely interrupted 1

Data Encapsulation

  • Enclosing higher-level protocol information in lower- level protocol information
  • Also called data hiding
  • Implementation details of a class are hidden from user

IP (Internet Protocol)Internet Protocol (IP)

  • Transmits data from source to final destination
  • Network protocol operating at layer 3 of the OSI Model
    • And layer 2 or 3 of the TCP/IP Model
  • IP is connectionless
    • No guarantee of delivery of packets to the destination

  • IP routes packets over network hardware

  • IP addresses formats

    • IPV4 (32-bit address)
      • Usually written as a dotted-decimal, e.g., 192.168.100
    • IPV6 (128-bit address)
    • Usually written as eight groups of four hex digits, e.g., 2001:0db8:85a3:08d3:1319:8a2e:0370:7334

  • IP address exhaustion date

    • Approximately the beginning of 2011

  • IP packets often arrive out of sequence

    • Vulnerability that attackers can exploit
  • When a large IP packet is sent over a network, it is broken down
    • Called fragmentation

ТСР

  • Uses a connection-oriented design
    • Participants in a TCP session must create connection |
  • Connection is called the three-way handshake
  • Provides connection-oriented services between a source and destination computer
    • And guarantees delivery of packets |
  • Packets reach the application layer in the right order
    • TCP identifies and assembles packets based on - sequence numbers

Connection Setup and Release

  • Three-way handshake sets up and releases a connection
  • TCP packet flags: URG,ACK, PSH,RST,SYN, and FIN
  • Packets can have more than one flag set
    • Normally a packet will have only one flag sent, except with SYN/ACK or FIN/ACK
  • Three packets in a TCP connection: SYN --> SYN/ACK --> ACK

Connection Setup

  • Source computer delivers a SYN packet to the destination computer
    • Packet has the initial sequence number (ISN)
    • ISN is indicated by whether the SYN bit is "set"
  • Receiving computer transmits a SYN with an acknowledgment, ACK
  • Source computer sends an ACK to the destination computer as a response
    • With an "in-range" sequence number

Connection Release

  • Source computer sends a FIN packet to the destination computer
  • Destination computer then sends a FIN/ACK packet
  • Source computer sends an ACK packet -
  • Either computer could send an RST and close the session (reset) immediately
ADD COMMENT EDIT
Please log in to add an answer.