PricingBlogAbout Us

TCP/IP Vulnerabilities, Countermeasures, and Product Recommendations

Verified

Added on  2022/10/11

|4
|529
|16
Report
AI Summary
This report delves into the vulnerabilities inherent in TCP/IP, focusing on TCP blind spoofing and SYN flooding, detailing their mechanisms and potential impacts. The report provides an overview of how these attacks work, and the implications of successful exploitation. The report then outlines several countermeasures to mitigate these vulnerabilities, including the implementation of packet filtering systems, anti-spoofing filters, and the adjustment of SYN-received timers. It also recommends the use of firewalls as a crucial component in securing networks, highlighting their effectiveness in differentiating between internal and external packets. Finally, the report references supporting literature to validate the information provided.
Document Page
Running head: INFORMATION ASSURANCE AND INFORMATION SECURITY 1
Introduction to Information Assurance and Information Security
Student’s Name
Institutional Affiliation
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
INFORMATION ASSURANCE AND INFORMATION SECURITY 2
Vulnerabilities related to TCP/IP
TCP/IP is faced by a number of vulnerabilities some these include TCP blind spoofing,
and SYN many among others.
TCP blind spoofing happens when the attacker manage to guess a sequence of a
continuing message as well as the port number of the message. Once they are successful at this
guest one is able to undertake an attack by introducing fraudulent information into the
communication sequence.
SYN flooding: In order to keep active communication the SYN and ACK fragments
requests that establish a TCP link between a client and the server is needed to respond. However
this condition is the where SYN flooding attack happens where several SYN packets are
deceived using a source address that is not genuine being send to the server and during
compulsion to respond the server sends out SYN-ACK packets to a non-existent address
(Vallone, Taylor, Venables, & Huang, 2018). This creates a flood of half-opened periods in
anticipation of responses that may never come, hence no new networks will be permitted by the
server and link from the genuine user shall be disregarded.
Countermeasures that address the vulnerabilities
TCP blind spoofing vulnerability is prevented by setting up an all-inclusive packet
filtering system, which analyzes and reject inbound data packets which have source addresses of
devices inside a specific network. For outgoing packets containing sender addresses to the
external network are also watched for and filtered.
SYN flooding vulnerability can be countered through use of anti-spoofing filtering on
network device. TCP system prediction attacks is affectively stopped by a firewall or router
Document Page
INFORMATION ASSURANCE AND INFORMATION SECURITY 3
configured to stop packets from an internal IP address coming from an external interface. In
addition, reduce SYN-received timer (Cotton, Cosby, MacKay, & Shilling, 2017). This is a fast
implementation defense which shorten the timeout between the receiving SYN and securing the
created TCP for lacking progress. By reducing the SYN-received time it restricts the lifespan that
keeps false connection efforts from continuing for as long in the backlog, hence free up space for
the authentic user connection to be established.
Recommended products for addressing TCP/IP vulnerabilities
The best product used to address TCP/IP vulnerabilities is configuring firewalls, this
makes a clear and effective differences between inside and outside (Cotton, Cosby, MacKay, &
Shilling, 2017). Therefore, packets from outside which claim to be from inside will be dropped
and vice versa.

⊘ This is a preview!⊘

Do you want full access?

icon

Trusted by 1+ million students worldwide

Document Page
INFORMATION ASSURANCE AND INFORMATION SECURITY 4
References
Cotton, M., Cosby, M., MacKay, G., & Shilling, B. (2017). U.S. Patent No. 9,667,643.
Washington, DC: U.S. Patent and Trademark Office.
Vallone, D., Taylor, P., Venables, P. J., & Huang, R. Y. (2018). U.S. Patent Application No.
16/036,138.
chevron_up_icon
1 out of 4
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

  +13062052269
info@desklib.com

Available 24*7 on WhatsApp / Email

[object Object]
Unlock your academic potential

Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.