Network Security Vulnerabilities: A Comprehensive Analysis
VerifiedAdded on 2025/06/23
|5
|1746
|198
AI Summary
Desklib provides solved assignments and past papers on various topics, including network security.
Task 2
Vulnerabilities involved in the DNS
DNS stands for the Domain Name Services which provides the unique name to the particular
domain. The DNS maps the particular domain name with the IP addresses in order to provide the
finding method of that particular page with the help of the web browser. The DNS works using
the DNS servers. The DNS is having a lot of vulnerabilities and issues they are given below. The
DNS are of two different types one is public DNS and another is private DNS. The
vulnerabilities and weaknesses which the DNS is having are given as follows:
The DNS server is anyone’s server: this is the major vulnerability which the DNS
server is having currently. The DNS server stores all the data which is related to the
domain and provides that data to each and every people who sends the request to the
server for the data accessibility. This is the major reason the DNS is not so much secure
and each and every person can easily access the data in the DNS server. This
vulnerability is very much beneficial for the professional attackers who can easily get any
sort of data from the DNS server very easily just by making a simple request. The server
shares the information with anybody who ask about the information from the server. The
solution for this problem is that each and every user should be authorized by providing
them the valid login credentials for accessing the data from the server.
Cache Manipulation: the caches presented in the DNS server are not authorized and can
be easily modified by anyone may it be a attacker also. The caches of the DNS server are
not so much secure enough so it can be manipulated and modified easily by the attacker
or any unauthorized users. the DNS server can also be poisoned by the attackers and they
can insert any type of harmful content in the DNS server by poisoning it.
DNS transfers the information to the servers: the DNS takes the information from the
differently available outside sources and sends it to the outside server. The attackers get
the benefits of this vulnerability by attacking the server when it is receiving the private
Vulnerabilities involved in the DNS
DNS stands for the Domain Name Services which provides the unique name to the particular
domain. The DNS maps the particular domain name with the IP addresses in order to provide the
finding method of that particular page with the help of the web browser. The DNS works using
the DNS servers. The DNS is having a lot of vulnerabilities and issues they are given below. The
DNS are of two different types one is public DNS and another is private DNS. The
vulnerabilities and weaknesses which the DNS is having are given as follows:
The DNS server is anyone’s server: this is the major vulnerability which the DNS
server is having currently. The DNS server stores all the data which is related to the
domain and provides that data to each and every people who sends the request to the
server for the data accessibility. This is the major reason the DNS is not so much secure
and each and every person can easily access the data in the DNS server. This
vulnerability is very much beneficial for the professional attackers who can easily get any
sort of data from the DNS server very easily just by making a simple request. The server
shares the information with anybody who ask about the information from the server. The
solution for this problem is that each and every user should be authorized by providing
them the valid login credentials for accessing the data from the server.
Cache Manipulation: the caches presented in the DNS server are not authorized and can
be easily modified by anyone may it be a attacker also. The caches of the DNS server are
not so much secure enough so it can be manipulated and modified easily by the attacker
or any unauthorized users. the DNS server can also be poisoned by the attackers and they
can insert any type of harmful content in the DNS server by poisoning it.
DNS transfers the information to the servers: the DNS takes the information from the
differently available outside sources and sends it to the outside server. The attackers get
the benefits of this vulnerability by attacking the server when it is receiving the private
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
and sensitive information from the outside sources. The information can be easily stolen
by the attackers by infiltrating in the process.
Vulnerability in the WEP
WEP stands for the wireless equivalent privacy which is used to provide the different types of
security and the protection services to the wireless LAN network users. The WEP maintains the
security of the wireless LAN of the different users in order to secure the private and confidential
data of the users from the attackers and the unauthorized users. there are different vulnerabilities
in the WEP they are as follows:
The small size of the IV: the initialization vector IV is much smaller in the wireless
equivalent protocol. The size of the IV is 24 bits only which provides the different
accessibility key to the WEP. Being small in size the keys of the IV can be easily
accessed by each and every user may it be attacker. They can easily access the data using
those keys.
ICV algorithm’s less accuracy: The integrity check value of the WEP consists of an
algorithm which checks the different errors and issues in the WEP which leads to the
least accuracy. The attackers can easily inject the harmful things inside the WEP for
breaking the security. This is the major vulnerability in ICV algorithm of the WEP.
Weak RC4: the RC4 is having the system accessibility keys which are very weak and
less secure so can be much more easily accessible by any users may it be the attackers
also. The attackers got the advantage and attack on the weak security keys of the RC4
and can easily access the data using those keys.
Weak Authentication: the authentication policy of the WEP is much weaker. The users
send the messages to the different users which are authenticated but are vulnerable. The
attackers can easily forge the authenticated messages which are sent by the user so they
can access all the messages which consists of the private data of the users which is easily
accessible by the unauthorized users or attackers.
by the attackers by infiltrating in the process.
Vulnerability in the WEP
WEP stands for the wireless equivalent privacy which is used to provide the different types of
security and the protection services to the wireless LAN network users. The WEP maintains the
security of the wireless LAN of the different users in order to secure the private and confidential
data of the users from the attackers and the unauthorized users. there are different vulnerabilities
in the WEP they are as follows:
The small size of the IV: the initialization vector IV is much smaller in the wireless
equivalent protocol. The size of the IV is 24 bits only which provides the different
accessibility key to the WEP. Being small in size the keys of the IV can be easily
accessed by each and every user may it be attacker. They can easily access the data using
those keys.
ICV algorithm’s less accuracy: The integrity check value of the WEP consists of an
algorithm which checks the different errors and issues in the WEP which leads to the
least accuracy. The attackers can easily inject the harmful things inside the WEP for
breaking the security. This is the major vulnerability in ICV algorithm of the WEP.
Weak RC4: the RC4 is having the system accessibility keys which are very weak and
less secure so can be much more easily accessible by any users may it be the attackers
also. The attackers got the advantage and attack on the weak security keys of the RC4
and can easily access the data using those keys.
Weak Authentication: the authentication policy of the WEP is much weaker. The users
send the messages to the different users which are authenticated but are vulnerable. The
attackers can easily forge the authenticated messages which are sent by the user so they
can access all the messages which consists of the private data of the users which is easily
accessible by the unauthorized users or attackers.
Vulnerabilities in SMTP
SMTP stands for the simple mail transfer protocol which has been used to send and transmit the
different messages in order to communicate with the different users. The SMTP is the part of the
application layers which leads to the message transmission. The SMTP consists of the
communication guidelines which is used to receive and send the electronic mail and messages
between the different users. there are several vulnerabilities in the SMTP they are as follows:
SMTP server injection: This vulnerability is not much harmful. The attackers inject the
harmful substances inside the e mails of the different users. The SMTP injection leads to
the E-mail hacking in which the attackers insert the harmful viruses inside the email
addresses of the users which might be automatically send mails to different users.
Email account enumeration: The account enumeration means that the attackers can easily
access the data of the user’s email accounts. The email addresses of the users are totally
controlled by the users in order to access all the private mails of the different users. The
attackers can read and use the private information which is sent and received by the
different users and consists of their private data.
SMTP relay vulnerability: the SMTP relay consists of the open mail related vulnerability
which leads to the usage of the user’s private mail address for sending the fake mails to
the different users using an individual users account. The user’s account is totally
controlled by the attacker without being in knowledge of the users. they can send the
different fraud mails to different users so that in order to perform the illegal work with
the help of the different users which has been attacked by the hackers.
SMTP stands for the simple mail transfer protocol which has been used to send and transmit the
different messages in order to communicate with the different users. The SMTP is the part of the
application layers which leads to the message transmission. The SMTP consists of the
communication guidelines which is used to receive and send the electronic mail and messages
between the different users. there are several vulnerabilities in the SMTP they are as follows:
SMTP server injection: This vulnerability is not much harmful. The attackers inject the
harmful substances inside the e mails of the different users. The SMTP injection leads to
the E-mail hacking in which the attackers insert the harmful viruses inside the email
addresses of the users which might be automatically send mails to different users.
Email account enumeration: The account enumeration means that the attackers can easily
access the data of the user’s email accounts. The email addresses of the users are totally
controlled by the users in order to access all the private mails of the different users. The
attackers can read and use the private information which is sent and received by the
different users and consists of their private data.
SMTP relay vulnerability: the SMTP relay consists of the open mail related vulnerability
which leads to the usage of the user’s private mail address for sending the fake mails to
the different users using an individual users account. The user’s account is totally
controlled by the attacker without being in knowledge of the users. they can send the
different fraud mails to different users so that in order to perform the illegal work with
the help of the different users which has been attacked by the hackers.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Task 3
Attacks On TCP/IP
TCP/IP stands for the transmission control protocol/Internet Protocol. This protocol is used for
the communication process in order to send the messages and mails to different users. The
TCP/IP protocol works on the application layer. The TCP/IP protocol is used to establish the
connectivity among the two devices for the communication purposes in order to communicate
with each other. There are different types of vulnerabilities and attacks done by the attackers they
are given as follows:
Routing of the source and IP: the IP takes either two forms version 4 and version 6 the
IP source is used to provide the list of all the available routes which might be kept in the
consideration when the packets are sent. It is much more vulnerable so the attackers can
easily access the source route and can also easily access the data.
Reassembly of TCP: the TCP is the protocol which is totally based on the connectivity
in order to established between the two different users and their systems. The TCP
reassembly consists of the data packets which are re assembled in some of the cases
which is also vulnerable and is much more beneficial for the attackers.
Sequence Prediction: the TCP sequence prediction should be easily done by the
attackers in order to be the attacker might access all the processes of the data
communication and send and receive all the messages to the users which are involved in
the communication.
Blind Spoofing: the TCP sequences should be easily predicted by the different attackers
in order to inject the harmful things inside the TCP protocol so that they can easily attack
the user files and inject the different harmful files inside it and also can corrupt their
files. The attackers might blindly spoof the TCP related communication paths in order to
perform the different tasks.
SYN Flooding: the SYN flooding is the used to send the different data packets to the
different addresses. The SYN flooding addresses the different data sources to send the
data packets. Sometimes the attackers might attack the SYN and provide the vague
address which originally doesn’t exists. This may leads to the flooding of the data
packets on the route address which might not exists which leads to the slower
transmission because the transmission route is totally flooded.
Session Hijacking: the session of the data sent and received might be easily hijacked by
the different attacker in order to get the full access of the different data packets which are
sent and received by the different users. The users might be easily attacked by the
hackers and also they can easily access all the source packets which are transmitted to
the different source addresses.
Attacks On TCP/IP
TCP/IP stands for the transmission control protocol/Internet Protocol. This protocol is used for
the communication process in order to send the messages and mails to different users. The
TCP/IP protocol works on the application layer. The TCP/IP protocol is used to establish the
connectivity among the two devices for the communication purposes in order to communicate
with each other. There are different types of vulnerabilities and attacks done by the attackers they
are given as follows:
Routing of the source and IP: the IP takes either two forms version 4 and version 6 the
IP source is used to provide the list of all the available routes which might be kept in the
consideration when the packets are sent. It is much more vulnerable so the attackers can
easily access the source route and can also easily access the data.
Reassembly of TCP: the TCP is the protocol which is totally based on the connectivity
in order to established between the two different users and their systems. The TCP
reassembly consists of the data packets which are re assembled in some of the cases
which is also vulnerable and is much more beneficial for the attackers.
Sequence Prediction: the TCP sequence prediction should be easily done by the
attackers in order to be the attacker might access all the processes of the data
communication and send and receive all the messages to the users which are involved in
the communication.
Blind Spoofing: the TCP sequences should be easily predicted by the different attackers
in order to inject the harmful things inside the TCP protocol so that they can easily attack
the user files and inject the different harmful files inside it and also can corrupt their
files. The attackers might blindly spoof the TCP related communication paths in order to
perform the different tasks.
SYN Flooding: the SYN flooding is the used to send the different data packets to the
different addresses. The SYN flooding addresses the different data sources to send the
data packets. Sometimes the attackers might attack the SYN and provide the vague
address which originally doesn’t exists. This may leads to the flooding of the data
packets on the route address which might not exists which leads to the slower
transmission because the transmission route is totally flooded.
Session Hijacking: the session of the data sent and received might be easily hijacked by
the different attacker in order to get the full access of the different data packets which are
sent and received by the different users. The users might be easily attacked by the
hackers and also they can easily access all the source packets which are transmitted to
the different source addresses.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Man-in the middle attack: the Data is transmitted between the sender and receiver in
order to provide the information. The data can be easily attacked and accessed by the
attacker which is also named as the middle man and they can access and read all the data
easily which has been transmitted by them.
References
Chen, B., Pattanaik, N., Goulart, A., Butler-Purry, K.L. and Kundur, D., 2015, May.
Implementing attacks for modbus/TCP protocol in a real-time cyber physical system test bed.
In 2015 IEEE International Workshop Technical Committee on Communications Quality and
Reliability (CQR) (pp. 1-6). IEEE.
Luckie, M., Beverly, R., Wu, T. and Allman, M., 2015, October. Resilience of deployed TCP to
blind attacks. In Proceedings of the 2015 Internet Measurement Conference (pp. 13-26). ACM.
Osanaiye, O.A. and Dlodlo, M., 2015, September. TCP/IP header classification for detecting
spoofed DDoS attack in Cloud environment. In IEEE EUROCON 2015-International
Conference on Computer as a Tool (EUROCON) (pp. 1-6). IEEE.
Paliwal, G., Mudgal, A.P. and Taterh, S., 2015. A study on various attacks of tcp/ip and security
challenges in manet layer architecture. In Proceedings of Fourth International Conference on
Soft Computing for Problem Solving (pp. 195-207). Springer, New Delhi.
Chandramouli, S.P., Zhao, Z., Doupé, A. and Ahn, G.J., 2017. E-mail Header Injection
vulnerabilities. it-Information Technology, 59(2), pp.67-72.
Jalalzai, M.H., Shahid, W.B. and Iqbal, M.M.W., 2015, January. DNS security challenges and
best practices to deploy secure DNS with digital signatures. In 2015 12th International Bhurban
Conference on Applied Sciences and Technology (IBCAST) (pp. 280-285). IEEE.
Vemi, S.G. and Panchev, C., 2015, January. Vulnerability testing of wireless access points using
unmanned aerial vehicles (uav). In Proceedings of the European Conference on e-Learning (p.
245). Academic Conferences and Publishing International.
order to provide the information. The data can be easily attacked and accessed by the
attacker which is also named as the middle man and they can access and read all the data
easily which has been transmitted by them.
References
Chen, B., Pattanaik, N., Goulart, A., Butler-Purry, K.L. and Kundur, D., 2015, May.
Implementing attacks for modbus/TCP protocol in a real-time cyber physical system test bed.
In 2015 IEEE International Workshop Technical Committee on Communications Quality and
Reliability (CQR) (pp. 1-6). IEEE.
Luckie, M., Beverly, R., Wu, T. and Allman, M., 2015, October. Resilience of deployed TCP to
blind attacks. In Proceedings of the 2015 Internet Measurement Conference (pp. 13-26). ACM.
Osanaiye, O.A. and Dlodlo, M., 2015, September. TCP/IP header classification for detecting
spoofed DDoS attack in Cloud environment. In IEEE EUROCON 2015-International
Conference on Computer as a Tool (EUROCON) (pp. 1-6). IEEE.
Paliwal, G., Mudgal, A.P. and Taterh, S., 2015. A study on various attacks of tcp/ip and security
challenges in manet layer architecture. In Proceedings of Fourth International Conference on
Soft Computing for Problem Solving (pp. 195-207). Springer, New Delhi.
Chandramouli, S.P., Zhao, Z., Doupé, A. and Ahn, G.J., 2017. E-mail Header Injection
vulnerabilities. it-Information Technology, 59(2), pp.67-72.
Jalalzai, M.H., Shahid, W.B. and Iqbal, M.M.W., 2015, January. DNS security challenges and
best practices to deploy secure DNS with digital signatures. In 2015 12th International Bhurban
Conference on Applied Sciences and Technology (IBCAST) (pp. 280-285). IEEE.
Vemi, S.G. and Panchev, C., 2015, January. Vulnerability testing of wireless access points using
unmanned aerial vehicles (uav). In Proceedings of the European Conference on e-Learning (p.
245). Academic Conferences and Publishing International.
1 out of 5
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.