TCP/IP Configuration

The Internet Protocol (IP) is the language of the Internet. All computers on the Internet exchange data using TCP/IP. The current versions of TCP, UDP, and the IP protocol (Version 4) all became Internet standards in 1981.

An issue with TCP/IP is it offers no form of security such as authentication, encryption, or data integrity. There are many methods of attacking the existing TCP/IP protocol suite. These attacks include:

Connection hijacking

This occurs when an attacker takes over an existing session. It is, for example, possible for an attacker to take over a Telnet session after a user has logged in. The attacker has to be able to listen to any packets exchanged between the server and the client, and forge packets to launch this attack. There is a good paper on connection hijacking available at http://www.insecure.org/stf/iphijack.txt.

Data insertion

A stealth attack similar to connection hijacking. The goal is to insert data into an existing session to run commands to break into or to sabotage the target system.

Denial of service

The purpose of a denial of service attack is to make a site unavailable to normal users. Flooding the network connection of a server with connection attempts may achieve this.

Man-in-the-middle

An attack that tricks a client into believing that it’s talking to the real destination server. In fact, it’s talking to another system (controlled by the attacker) that is, in turn, talking to the real destination server. This attack ...

Get Securing Windows NT/2000 Servers for the Internet now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.