updates
This commit is contained in:
Trance-0
27
content/CSE4303/CSE4303_L4.md
Normal file
27
content/CSE4303/CSE4303_L4.md
Normal file
@@ -0,0 +1,27 @@
|
||||
# CSE4303 Introduction to Computer Security (Lecture 4)
|
||||
|
||||
## Network attacks
|
||||
|
||||
### Examining the transport layer
|
||||
|
||||
#### Transmission Control Protocol (TCP)
|
||||
|
||||
Connection-oriented, preserves order
|
||||
|
||||
- Sender
|
||||
- Break data into packets
|
||||
- Attach packet numbers
|
||||
- Receiver
|
||||
- Acknowledge receipt; lost packets are resent
|
||||
- Reassemble packets in correct order
|
||||
|
||||
#### Security Problems
|
||||
|
||||
1. Network packets pass by untrusted hosts
|
||||
- Eavesdropping, packet sniffing
|
||||
- Especially easy when attacker controls a machine close to victim (e.g. WiFi routers)
|
||||
2. TCP state easily obtained by eavesdropping
|
||||
- Enables spoofing and session hijacking
|
||||
3. Denial of Service (DoS) vulnerabilities
|
||||
|
||||
|
||||
Reference in New Issue
Block a user