General Classes of TCP/IP Problems


General Classes of TCP/IP Problems
- TCP timers exist as a part of connection-oriented delivery
- TCP sequence numbers exist as part of reliable delivery
- The two main groups where TCP/IP security and/or Denial of Service problems occur from:
  - IP Spoofing
  - TCP Sequence Prediction

Guarding against TCP/IP Problems
- Unfortunately, the problems are inherent in the protocol, since the designers created it for trust and delivery
- Cryptography in the form of encryption and authentication would cut down on spoofing problems
- Software fixes such as TCP wrappers, disabling BSD r-protocols, .rhosts files
- Designing networks with good network topologies and no inherent trust relationships

TCP Timers
- Retransmission Timer: used when a host expects an ACK from the other side
- Connection Timer: the initial timer set when a connection is established, when a SYN is sent
- 2MSL: the timer used to measure the TIME_WAIT state
- Persist Timer: timer used to keep window size information exchanged
- Keepalive Timer (Polling): keeps an idle connection alive

General Class of Routing Problems
- Primarily dealing with problems at the network level
- IP Source Routing: an attacker can choose a desired IP
- RIP: bogus routing information can be propagated to networks
- EGP: core gateways occasionally poll each other and use sequence numbers that must be echoed by the other end
- ICMP:
  - ICMP redirects to advise bogus routes
  - Denial of service attack from Ping floods

General Class of TCP Problems
- IP Spoofing
- TCP Sequence Guessing
- Connection Hi-jacking
- Simultaneous Open
- SYN, SYN-FIN, SYN-ACK
- Timing Problems - Desynchronized States

IP Spoofing
- A remote host can trivially send packets with spoofed IP addresses to a victim host
- This attack must be used in conjunction with sequence prediction, since incorrect sequence numbers cause the target host to send RST segments
- Difficult to defend against

TCP Sequence Prediction Problem
- The ISN uses a global counter for the initial number
- The increment is usually 64
- SYN = ISN + Increment
- 4.2 BSD implementations violate RFC protocol by setting ISN = 1
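
The fixed-increment global counter described on the TCP Sequence Prediction slide, set beside a keyed generator in the style of RFC 6528, with a check a defender can run over ISNs sampled from their own host. This is an added example, not part of the original slides; the class and function names, the documentation-range addresses and the use of HMAC-SHA256 as the keyed function are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

MASK = 0xFFFFFFFF  # TCP sequence numbers are 32 bits wide and wrap around


class CounterISN:
    """Legacy scheme from the slide: one global counter, fixed step per connection."""

    def __init__(self, start=1, step=64):
        self.value, self.step = start, step

    def next_isn(self, four_tuple, clock=0):
        # The connection's identity and the clock are ignored: every peer
        # sees the same sequence, which is what makes it predictable.
        self.value = (self.value + self.step) & MASK
        return self.value


class KeyedISN:
    """RFC 6528 style: ISN = M + F(4-tuple, secret), with M a clock-driven timer."""

    def __init__(self, secret=None):
        self.secret = secret or os.urandom(16)

    def next_isn(self, four_tuple, clock=0):
        # Assumption: HMAC-SHA256 stands in for the keyed function F.
        digest = hmac.new(self.secret, repr(four_tuple).encode(), hashlib.sha256).digest()
        return (clock + int.from_bytes(digest[:4], "big")) & MASK


def sample(gen, n=6):
    """Constructed probe: n connections from distinct client ports to one listener."""
    return [gen.next_isn(("198.51.100.7", 40000 + i, "192.0.2.10", 80), clock=i)
            for i in range(n)]


def classify(isns):
    """Classify observed ISNs by the wrap-aware deltas between consecutive samples."""
    deltas = [(b - a) & MASK for a, b in zip(isns, isns[1:])]
    if len(deltas) < 3:
        return "insufficient samples"
    if len(set(deltas)) == 1:
        return f"constant increment ({deltas[0]})"
    return "no fixed increment"


if __name__ == "__main__":
    print("counter:", classify(sample(CounterISN(start=0xFFFFFF80))))
    print("keyed:  ", classify(sample(KeyedISN())))
```

The counter is started just below 2^32 so the sample crosses the wrap point; the masked subtraction still reports a constant step of 64.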