Inherent vulnerabilities in TCP creates panic For the last decade it’s been proven that implementations of TCP that used linear or non-random sequence numbers were vulnerable to various types of attack. The type and severity of the attack depended upon how easily the sequence numbers for a TCP session could be had. So in other words, if I know exactly what the sequence numbers are for session I can hijack that connection using various IP spoofing techniques. But what if I only have a basic idea of what those sequence numbers are then a flood of spoofed TCP packets with a range of sequence numbers could be used to reset a connection.
What has security experts worried is that Border Gateway Protocol or BGP for short uses TCP connections to communicate routing information to other Internet routers. This means that if these connections are constantly reset routers won’t route internet traffic and a global denial of service condition will manifest. To overcome these vulnerabilities US computer emergency readiness team (cert) recommends the use of IPsec encryption services to protect against this new attack. Cert also recommends the implementation of MD5 sums in TCP headers to further harden the protocol.
For more information on IPsec see the below links:
windows
linux
Comments (0)
Topsight.net
http://www.topsight.net/article.php/20040421132604301