Download presentation
Presentation is loading. Please wait.
1
TCP/IP Network and Firewall
2
IP Packet Protocol 1 ICMP packet 6 TCP packet 17 UDP packet
3
TCP Packet Flags 00: URG 01: ACK 02: PSH 03: RST 04: SYN 05: FIN
4
Communication During TCP Session PC 1. SYN (open) 3. ACK (2) 4. Data=HTTP Request 7. FIN 10. ACK(9) Webserver 2. SYN, ACK(1) 5. ACK(4) 6. Data=HTTP Response 8. ACK(7) 9. FIN
5
SYN/ACK Probing Attack Attacker send SYN/ACK segment To confuse the server and make server to respond Victim respond RST segment Show server information
6
TCP Port Numbers Server and Well-Known Port Numbers Port numbers from 0 to 1023 Should only be used by privileged application Port 80 – HTTP Port 21 – FTP Port 20 – SMTP Registered Port Number Port number from 1024 to 49512 Used by other applications Port 1433/tcp – MSSQL Port 1352/tcp -- Lotus Note
7
TCP Port Numbers Con. Private / Dynamic Port Number Port numbers from 49153 to 65535 Client use the port number to connect to server Client 60.171.18.22 Web Server 60.171.17.13 Port 80 open From: 60.171.18.22: 50047 To: 60.171.17.13:80 From: 60.171.17.13:80 To: 60.171.18.22: 50047 SMTP Server 60.171.17.120 Port 25 open From: 60.171.18.22: 63003 To: 60.171.17.120:25
8
Port Spoofing Application use well-known port number despite not being the service that normally uses that port number For example HTTP service.
9
UDP Packet UTP datagram is far simpler than the TCP segment because UDP is connectionless UDP is susceptible to port number spoofing
10
Internet Control Massage (ICMP) Network Analysis Message Echo (Type 8) Echo Reply (Type 0) Error Advisement Message Host Unreachable (Type 3) Time Exceeded (Type 11) Control Message Source Quench (Type 4) Redirect (Type 5)
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.