CSE4303 Introduction to Computer Security (Lecture 4)
Network attacks
Examining the transport layer
Transmission Control Protocol (TCP)
Connection-oriented, preserves order
- Sender
- Break data into packets
- Attach packet numbers
- Receiver
- Acknowledge receipt; lost packets are resent
- Reassemble packets in correct order
Security Problems
- Network packets pass by untrusted hosts
- Eavesdropping, packet sniffing
- Especially easy when attacker controls a machine close to victim (e.g. WiFi routers)
- TCP state easily obtained by eavesdropping
- Enables spoofing and session hijacking
- Denial of Service (DoS) vulnerabilities
Last updated on