International Research journal of Management Science and Technology

  ISSN 2250 - 1959 (online) ISSN 2348 - 9367 (Print) New DOI : 10.32804/IRJMST

Impact Factor* - 6.2311


**Need Help in Content editing, Data Analysis.

Research Gateway

Adv For Editing Content

   No of Download : 654    Submit Your Rating     Cite This   Download        Certificate

TCP / IP PROTOCOL SUITE , ATTACKS AND SECURITY TOOLS

    4 Author(s):  ARUNA TIWARI, DR. MANGLESH JAISWAL , NUTAN VARMA , DR. B. L. JOSHI

Vol -  5, Issue- 4 ,         Page(s) : 14 - 26  (2014 ) DOI : https://doi.org/10.32804/IRJMST

Abstract

The TCP/IP protocol suite is the foundation of Internet and is ubiquitous in almost all networks worldwide. It was written as a robust protocol, which is able to communicate despite node failures. The design parameters of TCP did not weigh security as important and placed an implicit trust on nodes. The result was a protocol which was reliable and robust, but contained myriad inherent security flaws, open to be exploited by a malicious entity as was amply demonstrated by Morris worm [1]. The TCP/IP is combination of different protocols at various layers.TCP/IP is the basic communication language or protocol of the Internet and private networks either an intranet or an extranet. The TCP/IP suite has many design weaknesses so far as security and privacy are concerned. Some of these are protocol design weaknesses, whereas rest is defects in the software that implements the protocols. In this paper, we focused mainly on protocol level issues, rather than implementation flaws and discuss about the security issues related to the some of the protocols in the TCP/IP suite.

order online

  1. Spafford, Eugene H. The internet worm incident. Springer Berlin Heidelberg, 1989.
  2. Braden, Robert. "RFC-1122: Requirements for internet hosts." Request for Comments                                                                         (1989): 356-363. 
  3. Barden, R. "RFC 1123: Requirements for InterNet Hosts-Application and Support." InterNet Network Working Group (1989).
  4. CERT, "CERT Advisory CA-1996-21 TCP SYN Flooding and IP Spoofing Attacks," September 1996 
  5. Tanase, Matthew. "IP spoofing: an introduction." Security Focus 11 (2003).
  6. Ferguson, Paul. "Network ingress filtering: Defeating denial of service attacks which employ IP source address spoofing." (2000). 
  7. Heberlein, L. Todd, and Matt Bishop. "Attack class: Address spoofing."Proceedings of the 19th National Information Systems Security Conference. 1996. 
  8. Trabelsi, Zouheir, and Khaled Shuaib. "NIS04-4: Man in the Middle Intrusion Detection." Global Telecommunications Conference, 2006. GLOBECOM'06. IEEE. IEEE, 2006 
  9. Barbir, A., S. Murphy, and Y. Yang. "Generic threats to routing protocols." (2006). 
  10. Bellovin, Steven M. "A look back at." Computer Security Applications Conference, 2004. 20th Annual. IEEE, 2004. 
  11. Harris, B., and R. Hunt. "TCP/IP security threats and attack methods."Computer Communications 22.10 (1999): 885-897
  12. “Wireshark”, online, www.wireshark.org. (last accessed on 25 May 2013) 
  13. “TCPdump and libpcap”, online, http://www.tcpdump.org/”(last accessed on 26 May 2013) 
  14. “KISMET”, online, http://www.kismetwireless.net/ , (last accessed on 25 May 2013) 
  15. “ETTERCAP”, online, http://ettercap.github.io/ettercap/, (last accessed on 25 May 2013) 
  16. “NESSUS vulnerability scanner”, online, http://www.tenable.com/products/nessus (last accessed on 25 May 2013) 
  17. “Open VAS- Open Vulnerability Assessment System”, online, www.openvas.org (last accessed on 25 May 2013). 
  18. “Core-impact”, online, http://www.coresecurity.com/core-impact-pro (last accessed on 25 May 2013). 
  19. “Retina Network Security Scanner”, online, http://www.beyondtrust.com/Products/RetinaNetworkSecurityScanner/ (last accessed 28 May 2013) 
  20. Roesch, Martin. "Snort-lightweight intrusion detection for networks."Proceedings of the 13th USENIX conference on System administration. 1999. 
  21. Leach, John, and Gianni Tedesco. "Firestorm network intrusion detection system." Firestorm Documentation (2003). 
  22. Zaraska, Krzysztof. "Prelude IDS: current state and development perspectives."URL http://www. prelude-ids. org/download/misc/pingwinaria/2003/paper. pdf(2003). 
  23. Allan, Ant. "Enterasys Networks Dragon Intrusion Detection System (IDS)." (2002). 
  24. Bro, I. D. S. "Homepage: http://www. bro-ids. org." (2013). 
  25. “Suricata Intrusion Detection System”, online, http://suricata-ids.org/ (last accessed 31 May 2013) 
  26. Yao, Xiaoyu, and Chen ZHAO. "Research on Implementation and Application of Linux Kernel Firewall Netfilter [J]." Computer Engineering 8 (2003): 042. 
  27. Reed, D.: IP Filter. Online. http://coombs.anu.edu.au/~avalon/ip-filter.html (Last accessed 31 May 2013) 
  28. “Nmap”, online, http://nmap.org/. (last accessed 1 Jun 2013) 
  29. “What is netcat?”, online, http://netcat.sourceforge.net/, (last accessed 1 Jun 2013) 
  30. “hping”, online, http://www.hping.org/ (last accessed 1 Jun 2013)

*Contents are provided by Authors of articles. Please contact us if you having any query.






Bank Details