Introduction

The network layer is key to the operation of the stack. Some of the protocols and services that reside here include Internet Protocol (IP), Internet Control Message Protocol (ICMP), and routing protocols. IP provides the ability for global communication, as well as a unique address scheme that is not found in Ethernet. It does an amazing job for a connectionless protocol, and has the ability to handle fragmentation, Quality of Service, and IP header error checking. However, there are potential problems. Since IP is a connectionless service, it can only make a best effort at delivery. It s also subject to spoofing and can be manipulated to aid in a variety of attacks such as a Denial of Service (DoS). Our concerns don t end there though. ICMP is another of the protocols that resides at the network layer. It s different than many other protocols and applications in that it is not typically directed by network applications. It is used for logical errors and diagnostics. It s also used by attackers for such acts of mischief as the Smurf attack and can aid in port scanning. Even routing protocols are not completely secure from stack attacks. Many routing protocols can be used to redirect traffic, or can be employed for DoS attacks.

The preceding are just some of the topics that will be discussed in this chapter. As in previous chapters, this one will start off with a review of the protocols. Next, we will take an in-depth look at the...