Professional Documents
Culture Documents
TCP/IP stands for Transmission Control Protocol/Internet Protocol. It is a communication protocol by which network
devices interconnect on the internet and communicate with each other. The TCP protocol is used with an IP protocol, so
both of them together are referred to as a TCP/IP. TCP/IP lies between the Application and Network Layers, which are
used in providing reliable delivery service.
Working :
The TCP model breaks down sender messages or data into small packets and forwards them to the Internet Protocol
(IP) layer. After the message is broken down into small packets, the packets are then sent through various routes to their
destination. When one route is congested or cannot be used to reach the destination, then the packet arrives at the
destination from multiple routes, but the destination remains the same during the process. When the packets arrive at their
destination, they are reassembled into the original message or data, and the receiver receives the message or data. The
TCP layer in the sender system waits for the end of the transfer and acknowledges when all packets are received.
TCP/IP Hijacking:
TCP/IP hijacking is a man-in-the-middle network attack. This is a network attack where an authorized user can gain
access to another user’s or client’s authorized network connection. After hijacking a TCP/IP session, an attacker is able to
easily read and modify the transferred packets and the hacker is also able to send its own requests to the user. For TCP/IP
hijacking, attackers use DOS attacks and IP spoofing.
The first major goal of an attacker is to obtain the IPs of two devices that communicate using the same
network or connection. To do this, the attacker monitors the data transmission on the network until the
IP of the device is obtained.
After successfully grabbing the user IP. Hackers can easily attack the connection.
In order to gain access to the connection, the hacker put down the connection of another user through a
DOS attack, and the user’s connection waits for reconnection.
By spoofing the disconnected user’s IP, hackers can easily restore communication.
Preventive Measures:
Example
An attacker monitors the data transmission over a network
and discovers the IP’s of two devices that participate in a
connection.
Shijack
In practice, one of the best TCP/IP hijack tools is Shijack. It
is developed using Python language and you can download it
from the following link
− https://packetstormsecurity.com/sniffers/shijack.tgz
192.168.0.200 23
Hunt
Hunt is another popular tool that you can use to hijack a
TCP/IP connection. It can be downloaded from
− https://packetstormsecurity.com/sniffers/hunt/