Security Problems with TCP/IP

This paper examines the basic security flaws involved with TCP/IP protocols in the Internet world.

The paper defines TCP/IP as basically the core of the Internet. It consists of both TCP and IP protocols, with the Internet protocol (IP) the network layer of the Internet which provides a connection-free service and the The Transmission Control protocol (TCP), which runs on top of the IP protocol, providing a connection-oriented service between the sender and the receiver. The paper discusses how, at one time, the Internet was a specialized tool; but today, it is a general-purpose tool used for a variety of things by both individuals and businesses. The TCP/IP protocols were designed when the Internet was still very young and users trusted each other, for the most part.

The paper shows how these protocols lack some of the most basic mechanisms for security, including authentication and encryption. As more and more people use the Internet and use of the TCP/IP protocols increases, this lack of security is becoming a major issue. This paper examines the basic security flaws involved with TCP/IP protocols, discussing the roots of and possible solutions to these problems.
“Network developers generally use client-side cookies to combat the TCP session hijacking problem (Atkins, 1997). Cookies allow the system to check the identity of the user by means of storing the CFID and CFTOKEN in client side cookies and using that information to accurately identify the user. The cookies are issued when the user logs in, so this technique is generally effective.

A hacker would actually have to literally copy the cookies off another’s machine to steal their identity. However, a lot of people do not like cookies and may even have them disabled. Fortunately, there are other ways.”