Flipkart.com

Saturday 7 February 2015

What is TCP/IP & UDP Attacks...


Hello, Lets explain "TCP/IP & UDP Attacks", Most common and effective Web attacks...Lets Know abt its basic and types...



TCP/IP Attacks

1. TCP SYN or TCP ACK Flood Attack

2. TCP Sequence Number Attack

3. TCP/IP

UDP attacks
1. ICMP Attacks
2. Smurf Attacks
3. ICMP Tunneling



TCP operates using synchronized connections. The synchronization is vulnerable to attack; this is probably the most common attack used today. The synchronization or handshake, process initiates a TCP connection. This handshake is particularly vulnerable to a DoS attack referred to as the TCP SYN Flood attack. The process is also susceptible to access and modification attacks, which are briefly explained in the following sections.



TCP SYN or TCP ACK Flood Attack: This attack is very common... The purpose of this attack is to deny service. The attack begins as a normal TCP connection: the client and the server exchange information in TCP packets. The TCP client continues to send ACK packets to the server, these ACK packets tells the server that a connection is requested. The server thus responds to the client with a ACK packet, the client is supposed to respond with another packet accepting the connection to establish the session. In this attack the client continually send and receives the ACK packets but it does not open the session. The server holds these sessions open, awaiting the final packet in the sequence. This cause the server to fill up the available connections and denies any requesting clients access.



TCP Sequence Number Attack: This is when the attacker takes control of one end of a TCP session. The goal of this attack is to kick the attacked end of the network for the duration of the session. Only then will the attack be successful. Each time a TCP message is sent the client or the server generates a sequence number. The attacker intercepts and then responds with a sequence number similar to the one used in the original session. This attack can then hijack or disrupt a session. If a valid sequence number is guessed the attacker can place himself between the client and the server. The attacker gains the connection and the data from the legitimate system. The only defense of such an attack is to know that its occurring... There is little that can be done...


TCP Hijacking: This is also called active sniffing, it involves the attacker gaining access to a host in the network and logically disconnecting it from the network. The attacker then inserts another machine with the same IP address. This happens quickly and gives the attacker access to the session and to all the information on the original system.

UDP packets aren't connection oriented and don't require the synchronization process as with TCP. UDP packets, however, are susceptible to interception, thus it can be attacked. UDP, like TCP, doesn't check the validity of an IP address. The nature of this layer is to trust the layer above it (I'm referring to the IP layer). The most common UDP attacks involve UDP flooding. UDP flooding overloads services, networks, and servers. Large streams of UDP packets are focused at a target, causing UDP services on that host to shut down. It can also overload the network and cause a DoS situation to occur.

ICMP Attacks: This occur by triggering a response from the ICMP protocol when it responds to a seemingly legitimate request (think of it as echoing). Ping for instance, that uses the ICMP protocol. Ping is a good example of this type of attack, it overloads te server with more bytes than it can handle, larger connections. Its ping flood.

Smurf Attacks: This attack uses IP spoofing and broadcasting to send a ping to a group of hosts on a network. When a host is pinged it send back ICMP message traffic information indicating status to the originator. If a broadcast is sent to network, all hosts will answer back to the ping. The result is an overload of network and the target system. The only way to prevent this attack is to prohibit ICMP traffic on the router.

ICMP Tunneling: ICMP can contain data about timing and routes. A packet can be used to hold information that is different from the intended information. This allows an ICMP packet to be used as a communications channel between two systems. The channel can be used to send a Trojan horse or other malicious packet. The counter measure is to deny ICMP traffic on your network.

Warning: ICMP can be very dangerous..and Even, Don't try such attack from your pc, untill you don't know that how to be invisible on internet! Beccause once you get traced out ...No one can help you from Troubles..

Content from: CA

9 comments:

  1. It's actually a great and helpful piece of info. I'm happy that you shared this useful info with us. Please stay us informed like this. Thanks for sharing. sign in hotmail

    ReplyDelete
  2. We require more such articles that we can read with such energy.
    192.168.01 login

    ReplyDelete
  3. A man was running strolling to his goal and went over a mountain. He could hear the hints of the individuals who were pursuing him. The mountain like a mammoth stood resistant in his way how to become good hacker

    ReplyDelete
  4. Wow, cool post. I'd like to write like this too - taking time and real hard work to make a great article... but I put things off too much and never seem to get started. Thanks though. https://192-168-i-i.com

    ReplyDelete
  5. The article looks magnificent, but it would be beneficial if you can share more about the suchlike subjects in the future. Keep posting. 192.168

    ReplyDelete
  6. This online journal is so pleasant to me. I will continue coming here over and over. Visit my connection too.. check my ip address

    ReplyDelete
  7. As first time homeowners and newbies on the mortgage process, Dashna was very informative and thorough in the mortgage pre-approval, and approval process. mortgage payment calculator Actual payment amounts may vary and will probably be determined at the time of signing the Mortgage Loan Agreement. canada mortgage calculator

    ReplyDelete
  8. My Facebook account was hacked please help me

    ReplyDelete

IHT