Network security via reverse engineering of TCP code: vulnerability analysis and proposed solutions

Proceedings of IEEE INFOCOM '96. Conference on Computer Communications Pub Date : 1996-03-24 DOI:10.1109/INFCOM.1996.493354

Biswaroop Guha, B. Mukherjee

{"title":"Network security via reverse engineering of TCP code: vulnerability analysis and proposed solutions","authors":"Biswaroop Guha, B. Mukherjee","doi":"10.1109/INFCOM.1996.493354","DOIUrl":null,"url":null,"abstract":"The transmission control protocol/Internet protocol (TCP/IP) suite is widely used to interconnect computing facilities in modern network environments. However, there exist several security vulnerabilities in the TCP specification and additional weaknesses in a number of its implementations. These vulnerabilities may enable an intruder to \"attack\" TCP-based systems, allowing him/her to \"hijack\" a TCP connection or cause denial of service to legitimate users. We analyze TCP code via a \"reverse engineering\" technique called \"slicing\" to identify several of these vulnerabilities, especially those that are related to the TCP state-transition diagram. We discuss many of the flaws present in the TCP implementation of many widely used operating systems, such as SUNOS 4.1.3, SVR4, and ULTRIX 4.3. We describe the corresponding TCP attack \"signatures\" (including the well-known 1994 Christmas Day Mitnick Attack) and provide recommendations to improve the security state of a TCP-based system, e.g., incorporation of a \"timer escape route\" from every TCP state.","PeriodicalId":234566,"journal":{"name":"Proceedings of IEEE INFOCOM '96. Conference on Computer Communications","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1996-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"54","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of IEEE INFOCOM '96. Conference on Computer Communications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INFCOM.1996.493354","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 54

Abstract

The transmission control protocol/Internet protocol (TCP/IP) suite is widely used to interconnect computing facilities in modern network environments. However, there exist several security vulnerabilities in the TCP specification and additional weaknesses in a number of its implementations. These vulnerabilities may enable an intruder to "attack" TCP-based systems, allowing him/her to "hijack" a TCP connection or cause denial of service to legitimate users. We analyze TCP code via a "reverse engineering" technique called "slicing" to identify several of these vulnerabilities, especially those that are related to the TCP state-transition diagram. We discuss many of the flaws present in the TCP implementation of many widely used operating systems, such as SUNOS 4.1.3, SVR4, and ULTRIX 4.3. We describe the corresponding TCP attack "signatures" (including the well-known 1994 Christmas Day Mitnick Attack) and provide recommendations to improve the security state of a TCP-based system, e.g., incorporation of a "timer escape route" from every TCP state.

查看原文本刊更多论文

网络安全通过TCP代码的逆向工程:漏洞分析和提出解决方案

在现代网络环境中，传输控制协议/互联网协议(TCP/IP)套件被广泛用于计算设备的互连。然而，TCP规范中存在几个安全漏洞，并且在其许多实现中存在其他弱点。这些漏洞可能使入侵者能够“攻击”基于TCP的系统，允许他/她“劫持”TCP连接或导致拒绝合法用户的服务。我们通过一种称为“切片”的“逆向工程”技术来分析TCP代码，以识别其中的几个漏洞，特别是那些与TCP状态转换图相关的漏洞。我们讨论了许多广泛使用的操作系统(如SUNOS 4.1.3、SVR4和ULTRIX 4.3)的TCP实现中存在的许多缺陷。我们描述了相应的TCP攻击“签名”(包括著名的1994年圣诞节Mitnick攻击)，并提供了改进基于TCP的系统安全状态的建议，例如，从每个TCP状态中合并“计时器逃逸路由”。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of IEEE INFOCOM '96. Conference on Computer Communications

自引率

0.00%

发文量