TCP/IP
• The Internet protocol suite is the set of communications
protocols used for the Internet and similar networks, and
generally the most popular protocol stack for wide area
networks.
• IP is the primary protocol in the Internet Layer of the Internet Protocol Suite
and has the task of delivering datagrams from the source host to the
destination host solely based on the addresses.
• For this purpose, IP defines datagram structures that encapsulate the data
to be delivered
• It also defines addressing methods that are used to label the datagram
source and destination
TCP/IP Network Vulnerability - Security
• The TCP/IP protocol suite has a number of vulnerabilities and security flaws
inherent in the protocols. Those vulnerabilities are often used by crackers
for Denial of Service (DoS) attacks, connection hijacking and other attacks.
• TCP SYN attacks (or SYN flooding). TCP uses sequence numbers to ensure data
is given to the user in the correct order.
• TCP SYN attacks take advantage of a flaw in how most hosts implement TCP
three-way handshake.
Flaws in How Hosts Implement the TCP Three-Way Handshake
• When Host B receives the SYN request from A,
• it must keep track of the partially opened connection in a "listen queue" for
at least 75 seconds
• and a host can only keep track of a very limited number of connections.
• A malicious host can exploit the small size of the listen queue by sending
multiple SYN requests to a host
• But never replying to the SYN&ACK the other host sends back
• By doing so, the other host's listen queue is quickly filled up, and it will stop
accepting new connections, until a partially opened connection in the
queue is completed or times out.
• This ability to effectively remove a host from the network for at least 75
seconds can be used as a denial-of-service attack, or it can be used to
implement other attacks, like IP Spoofing. (forged source to steal data)
IPv4 & IPv6
Each device on the Internet, such as a computer or mobile
telephone, must be assigned an IP address in order to
communicate with other devices.
• World IPv6 Launch day kick-off date was on the 6th of June, 2012.
Threat Model
The major threats to any active networking system are to
the public resources of the system such as:
• the CPU,
• memory
• network
• contents of the system i.e:
• the packets
• the information stored on routers
• Controls
• Authentication – Checks whether the user is genuine
• Multifactor authentication – e.g. ATM Card & PIN
• Authorisation – Gives access to the user
• Approval
• Investigation schemes & Technology
Risk Access Spots
Server
• Client
• Web
• Cache
• Application
• Database
Risk Access Spots
Authentication
• User ID
• Password
• Encryption
Information Gathering
• The information gathered from carrying out research into
the above security risk areas will provide us the feedback
that is needed to establish