Hack the Stack: Using Snort and Ethereal to Master the 8 Layers of an Insecure Network

Chapter 6: Layer 5 The Session Layer

Introduction

This chapter discusses the Session layer (layer 5) of the Open Systems Interconnect (OSI) model. We examine a number of well-known techniques that are used to attack sessions, and discuss the underlying qualities of the protocols that enable these attacks. We also examine the limited options available for defending against session-based attacks, and how to leverage Session-layer qualities to aid in defending networks. This chapter focuses on the Session layer features of Transmission Control Protocol (TCP).

The Session layer provides a set of features that contribute to the reliability and usefulness of modern network communications. Among these features are:

  • Session Checkpointing: TCP acknowledgment (ACK) packets are regularly passed between hosts to identify the last packet that was received. TCP delays the transmission of an ACK packet until either a timeout is reached or a number of packets equal to the TCP window size have been sent. This delay increases the efficiency of the protocol and establishes checkpoints. At any point, TCP can resume transmission from the previous checkpoint if a delivery failure occurs.

  • Session Adjournment: Though not commonly employed, TCP sessions may be adjourned through setting the TCP window to 0 bytes. This informs the sending host that no buffer is available to hold transmitted data and halts communications without losing the connection.

  • Session Termination: TCP provides a means for both graceful and immediate session terminations. Graceful session terminations occur by sending a finish (FIN) flag that is subsequently acknowledged by the recipient. Immediate session terminations occur by...
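
The features listed above are visible in the fixed TCP header fields. The following is an added example, not code from the book: it parses constructed 20-byte TCP headers sent by one host and labels ACK checkpoints, zero-window adjournment and FIN-based graceful close. The function names and sample values are assumptions made for illustration.

```python
import struct

FIN, ACK = 0x01, 0x10          # TCP flag bits
TCP_FIXED = "!HHIIHHHH"        # ports, seq, ack, offset+flags, window, checksum, urgent

def build_header(seq, ack, flags, window, sport=40000, dport=80):
    """Pack a 20-byte TCP header for the constructed samples (checksum left 0)."""
    return struct.pack(TCP_FIXED, sport, dport, seq, ack, (5 << 12) | flags, window, 0, 0)

def parse_header(raw):
    """Return the header fields that the Session-layer features rely on."""
    if len(raw) < 20:
        raise ValueError("truncated TCP header")
    _sp, _dp, seq, ack, off_flags, window, _ck, _up = struct.unpack(TCP_FIXED, raw[:20])
    return {"seq": seq, "ack": ack, "flags": off_flags & 0x3F, "window": window}

def advanced(new, old):
    """True if 32-bit number `new` is ahead of `old`, allowing for wraparound."""
    return new != old and ((new - old) & 0xFFFFFFFF) < 0x80000000

def session_events(raw_segments):
    """Label segments sent by one host with the Session-layer feature they show."""
    events, last_ack, paused = [], None, False
    for raw in raw_segments:
        h = parse_header(raw)
        # Checkpointing: a higher ACK number marks the new resume point.
        if h["flags"] & ACK and (last_ack is None or advanced(h["ack"], last_ack)):
            events.append(("checkpoint", h["ack"]))
            last_ack = h["ack"]
        # Adjournment: a 0-byte window halts the peer without closing the session.
        if h["window"] == 0 and not paused:
            events.append(("adjourned", h["ack"]))
            paused = True
        elif h["window"] > 0 and paused:
            events.append(("resumed", h["ack"]))
            paused = False
        # Graceful termination: FIN set (the peer then acknowledges it).
        if h["flags"] & FIN:
            events.append(("graceful-close", h["seq"]))
    return events

SAMPLE = [  # constructed: five headers sent by the receiving host of a transfer
    build_header(1000, 5000, ACK, 8192),
    build_header(1000, 7920, ACK, 4096),
    build_header(1000, 9380, ACK, 0),
    build_header(1000, 9380, ACK, 8192),
    build_header(1000, 9380, FIN | ACK, 8192),
]
```

Calling `session_events(SAMPLE)` returns three checkpoints, one adjourned/resumed pair at the same ACK number, and a final graceful close.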
