TCP/IP Attacks, Defenses and Security Tools
Abdullah H. Alqahtani¹, Mohsin Iftikhar²
¹Abdullah H. Alqahtani, Computer Sciences, King Saud University/ Computer and Information Sciences, Riyadh, Saudi Arabia.
²Dr. Mohsin Iftikhar, Computer Sciences, King Saud University/ Computer and Information Sciences, Riyadh, Saudi Arabia.

Manuscript received on September 05, 2013. | Revised Manuscript received on September 11, 2013. | Manuscript published on September 15, 2013. | PP: 42-47 | Volume-1, Issue-10, September 2013. | Retrieval Number: J04630911013

© The Authors. Published By: Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)

Abstract: The TCP/IP protocol suite is the foundation of the Internet and is ubiquitous in almost all networks worldwide. It was written as a robust protocol, able to communicate despite node failures. The design parameters of TCP did not weigh security as important and placed an implicit trust in nodes. The result was a protocol that was reliable and robust but contained myriad inherent security flaws, open to exploitation by a malicious entity, as was amply demonstrated by the Morris worm [1] in the early days of what is the Internet today. This problem was aggravated by various faulty implementations of the TCP/IP protocol. Many vulnerabilities and corresponding attacks targeting the TCP/IP protocol suite have been identified, including spoofing attacks, denial-of-service attacks, authentication attacks and routing attacks. Design flaws of TCP/IP can be mitigated by applying layers of security mechanisms in a network, but this application is itself open to exploitation. Various tools have been designed to analyze and identify the presence of such vulnerabilities and avenues of exploitation in the TCP/IP suite. We describe the spectrum of attacks against the TCP/IP suite and discuss various defense mechanisms and tools such as firewalls, intrusion detection systems, protocol analyzers, sniffers and vulnerability scanners. We conclude with an analysis of these tools.
Keywords: Network security, TCP/IP security, security tools, hacking, computer security.