TABLE OF CONTENTS Prabhaker Mateti
Department of Computer Science and Engineering
Wright State University
Dayton, Ohio 45435
http://www.cs.wright.edu/~pmateti/
The TCP/IP suite has many design weaknesses so far as security and privacy are concerned. Some of these are protocol design weaknesses per se, whereas the rest are defects in the software that implements the protocols. In this paper, we describe these issues from a practical perspective.
This paper is an overview of security attacks in the core protocols (IP, UDP, and TCP) and infrastructure protocols (ARP, ICMP, DNS). However, we do not address the exploits in various application protocols, but do focus on additional issues such as covert channels. We describe these issues from a practical perspective.
Some of these are protocol design weaknesses per se, whereas the rest are defects in the software that implements the protocols. IP, UDP, TCP and the infrastructure protocols were designed at a time when security concerns were almost non-existing and trust was assumed. While this paper summarizes design weaknesses in the TCP/IP suite from a security point of view, it is important to remember that many implementations have fixed these weaknesses, but are not described in RFCs. We assume that the reader is fluent in TCP and IP details.
Protocol weaknesses can be divided into those due to (i) the design...
