Network Attacks Flashcards
How does a TCP Reset Attack work?
By sending a RST packet to immediately break the connection
How does a TCP Flooding Attack work?
By sending continuously sending packets that do not finish the 3rd step of the TCP handshake (sending acknowledgment packet)
What is a countermeasure to the SYN flooding attack
SYN Cookies
How do SYN cookies work?
They do not store half open connections in queue.
This is done by asking for a hashed sequence number that can be decrypted using only a secret key from the server.
This value is H.
H will be sent as initial sequence number from the server.
H will not reach the attacker as the attacker must create half open connections to random IPs.
What is the goal of the TCP session hijacking attack?
To inject data in a TCP connection, triggering buffer overflow at the receivers machine
What is the requirement for the TCP session hijacking attack in terms of the sequence number?
It must inject data at the next sequence number.
If a packet uses x + theta, then the injected data will be stored theta spaces later, having no effect.
Furthermore, if theta is too large, it may fall out of the boundary
What countermeasures exist to make it difficult for attackers to spoof packets
Randomise initial sequence number.
Encrypt TCP payload and header.
