What are the limitations or vulnerabilities of the Internet?

From ScenarioThinking
Revision as of 15:52, 25 April 2008 by Gvalaouras

The IP protocol is employed by the vast majority of large corporate and academic networks, as well as the Internet. Its strength lies in its easily and flexibly routed packets. IP's job is to deliver a packet from one machine, the source machine, to another, the destination machine. It provides a connectionless service: each packet is independent of the others, in that each packet of information can take a different path to the destination machine. It is also very common for packets to arrive out of sequence.

IP's strength, however, is also its weakness. The IP protocol uses unencrypted packet headers, so that any host along the path of a packet can read the source and destination addresses within the IP header. This makes IP networks vulnerable to a number of security risks, such as IP Spoofing, Packet Sniffing, and Session Hijacking.

IP Spoofing is an attack where an attacker pretends to be sending data from an IP address other than the address of the source machine. In turn the destination machine will send information to the IP address specified as the source address, which has been changed. IP Spoofing is possible for two reasons. The first is the lack of encryption, which permits any host along the path of a packet to read and change the information within the IP Header. The second is that the IP protocol does not provide a method for authenticating packets. The receiver has no way of verifying that the packet has not been altered along the way.
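The following is an added example, not part of the original page. It builds an IPv4 header in memory and shows that the only integrity field it carries, the header checksum, is unkeyed: a header whose source address was changed and whose checksum was recomputed passes the same check as the original, so a receiver cannot treat the source address as proof of origin. The addresses are constructed values from the documentation ranges, and the function names are hypothetical.

```python
import ipaddress
import struct

def checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's-complement sum of 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(src: str, dst: str, payload_len: int = 0) -> bytes:
    """Build a 20-byte IPv4 header (no options) with a valid checksum."""
    fields = struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 20 + payload_len,   # version/IHL, TOS, total length
        0x1234, 0,                   # identification, flags/fragment offset
        64, 6, 0,                    # TTL, protocol (TCP), checksum placeholder
        ipaddress.IPv4Address(src).packed,
        ipaddress.IPv4Address(dst).packed,
    )
    return fields[:10] + struct.pack("!H", checksum(fields)) + fields[12:]

def parse_header(header: bytes) -> dict:
    """Everything a receiver (or any host on the path) can learn and check."""
    return {
        "src": str(ipaddress.IPv4Address(header[12:16])),
        "dst": str(ipaddress.IPv4Address(header[16:20])),
        "checksum_ok": checksum(header[:20]) == 0,  # sum incl. checksum folds to 0
    }

def alter_source(header: bytes, new_src: str) -> bytes:
    """Model an in-transit change to the source field, checksum recomputed."""
    body = header[:10] + b"\x00\x00" + ipaddress.IPv4Address(new_src).packed + header[16:20]
    return body[:10] + struct.pack("!H", checksum(body)) + body[12:]

if __name__ == "__main__":
    original = build_header("192.0.2.10", "198.51.100.7")   # constructed sample
    altered = alter_source(original, "203.0.113.99")
    print(parse_header(original))
    print(parse_header(altered))   # different src, checksum still valid
```

The checksum only catches accidental corruption: a header changed without recomputing it fails the check, while a deliberately rewritten one does not.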

The second security risk is Packet Sniffing, also known as Electronic Eavesdropping. This is another attack that is possible on Ethernet-based networks. Packets traversing a LAN are available to every node on the network, and each node's network interface card is capable of collecting all packets. Normally, network interface cards only listen and respond to packets addressed to them; however, a card can be put into what is known as "promiscuous mode", which enables it to collect every single packet that it sees.

Another security risk with IP networks is Session Hijacking, or the Man-in-the-Middle attack. This is a variant of IP Spoofing in which a host inserts itself in the middle of a connection, acquiring access to information transmitted between the other hosts.

Source: http://hygelac.cas.mcmaster.ca/courses/SE-4C03-01/papers/Dimitrov-IPSec.html