TCP/IP Network and Firewall. IP Packet Protocol: 1 ICMP packet, 6 TCP packet, 17 UDP packet.


1 TCP/IP Network and Firewall

2 IP Packet Protocol
- 1: ICMP packet
- 6: TCP packet
- 17: UDP packet

3 TCP Packet Flags
- 00: URG
- 01: ACK
- 02: PSH
- 03: RST
- 04: SYN
- 05: FIN

4 Communication During TCP Session
PC
- 1. SYN (open)
- 3. ACK (2)
- 4. Data = HTTP Request
- 7. FIN
- 10. ACK (9)
Webserver
- 2. SYN, ACK (1)
- 5. ACK (4)
- 6. Data = HTTP Response
- 8. ACK (7)
- 9. FIN

5 SYN/ACK Probing Attack
- Attacker sends a SYN/ACK segment
  - To confuse the server and make the server respond
- Victim responds with an RST segment
  - Shows server information
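A stateful firewall can recognise the probe on slide 5 because the SYN/ACK does not answer any SYN (open) from slide 4's handshake. The sketch below is an added example, not part of the original presentation; the `Segment` record, the function name and the sample traffic are constructed for illustration, and 203.0.113.9 is a documentation address standing in for the probing host.

```python
from collections import namedtuple

# Constructed segment record: addresses, ports and the TCP flags that are set.
Segment = namedtuple("Segment", "src sport dst dport flags")

def find_unsolicited_synack(segments):
    """Return SYN/ACK segments that do not answer an earlier SYN.

    A SYN/ACK is legitimate only as step 2 of the handshake, i.e. when it
    travels in the reverse direction of a SYN the filter has already seen.
    """
    pending = set()   # half-open attempts: (client, cport, server, sport)
    alerts = []
    for seg in segments:
        flags = set(seg.flags)
        if flags == {"SYN"}:
            pending.add((seg.src, seg.sport, seg.dst, seg.dport))
        elif flags == {"SYN", "ACK"}:
            key = (seg.dst, seg.dport, seg.src, seg.sport)
            if key in pending:
                pending.discard(key)   # expected handshake step 2
            else:
                alerts.append(seg)     # nobody sent a SYN: probe
        elif "RST" in flags:
            # A reset ends a half-open attempt in either direction.
            pending.discard((seg.src, seg.sport, seg.dst, seg.dport))
            pending.discard((seg.dst, seg.dport, seg.src, seg.sport))
    return alerts

# Constructed sample: a normal open from the slide 7 client, then a probe.
SAMPLE = [
    Segment("60.171.18.22", 50047, "60.171.17.13", 80, ("SYN",)),
    Segment("60.171.17.13", 80, "60.171.18.22", 50047, ("SYN", "ACK")),
    Segment("60.171.18.22", 50047, "60.171.17.13", 80, ("ACK",)),
    Segment("203.0.113.9", 40000, "60.171.17.13", 80, ("SYN", "ACK")),
    Segment("60.171.17.13", 80, "203.0.113.9", 40000, ("RST",)),
]

if __name__ == "__main__":
    for seg in find_unsolicited_synack(SAMPLE):
        print("unsolicited SYN/ACK from %s:%d to %s:%d"
              % (seg.src, seg.sport, seg.dst, seg.dport))
```

Dropping the flagged segment at the firewall, instead of passing it to the server, prevents the RST reply described on slide 5.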

6 TCP Port Numbers
- Server and Well-Known Port Numbers
  - Port numbers from 0 to 1023
  - Should only be used by privileged applications
  - Port 80 – HTTP
  - Port 21 – FTP
  - Port 20 – SMTP
- Registered Port Numbers
  - Port numbers from 1024 to 49512
  - Used by other applications
  - Port 1433/tcp – MSSQL
  - Port 1352/tcp – Lotus Notes

7 TCP Port Numbers (Cont.)
- Private / Dynamic Port Numbers
  - Port numbers from 49153 to 65535
  - Clients use these port numbers to connect to servers
- Client: 60.171.18.22
- Web Server: 60.171.17.13, port 80 open
  - From: 60.171.18.22:50047 To: 60.171.17.13:80
  - From: 60.171.17.13:80 To: 60.171.18.22:50047
- SMTP Server: 60.171.17.120, port 25 open
  - From: 60.171.18.22:63003 To: 60.171.17.120:25

8 Port Spoofing
- An application uses a well-known port number despite not being the service that normally uses that port number
- For example, the HTTP service.

9 UDP Packet
- The UDP datagram is far simpler than the TCP segment because UDP is connectionless
- UDP is susceptible to port number spoofing

10 Internet Control Message Protocol (ICMP)
- Network Analysis Messages
  - Echo (Type 8)
  - Echo Reply (Type 0)
- Error Advisement Messages
  - Host Unreachable (Type 3)
  - Time Exceeded (Type 11)
- Control Messages
  - Source Quench (Type 4)
  - Redirect (Type 5)

