Abstract
The Internet put the rest of the world at the reach of our computers. In the same way it also made our computers reachable by the rest of the world. Good news and bad news! Over the last decade, the Internet has been subject to widespread security attacks. Besides the classical terms, new ones had to be found in order to designate a large collection of threats: Worms, break-ins, hackers, crackers, hijacking, phrackers, spoofing, man-in-the-middle, password-sniffing, denial-of-service , and so on.Since the Internet was born of academic efforts to share information, it never strove for high security measures. In fact in some of its components, security was consciously traded for easiness in sharing. Although the advent of electronic commerce has pushed for "real security" in the Internet, there are still a large number of users (including computer scientists) that are very vulnerable to attacks, mostly because they are not aware of the nature (and ease) of the attacks and still believe that a "good" password is all they need to be concerned about.Aiming for a better understanding of the subject, we wrote a first paper [1] in which we discussed several threats and attacks related to TCP/IP . The present work is an extension of the first one, and its main goal is to include T/TCP in the discussion. Additionally, in an effort to make this paper more comprehensive, we included some sections from the former.Besides the description of each attack (the what ), we also discuss the way they are carried out (the how ) and, when possible, the related means of prevention, detection and/or defense.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.