- DCN Tutorial
- Data Comm & Networks Home
- DCN - Overview
- DCN - Computer Network Types
- DCN - Network LAN Technologies
- DCN - Computer Network Topologies
- DCN - Computer Network Models
- DCN - Computer Network Security
- Physical Layer
- DCN - Physical Layer Introduction
- DCN - Digital Transmission
- DCN - Analog Transmission
- DCN - Transmission media
- DCN - Wireless Transmission
- DCN - Multiplexing
- DCN - Network Switching
- Data Link Layer
- DCN - Data Link Layer Introduction
- DCN - Error detection and Correction
- DCN - Data Link Control & Protocols
- Network Layer
- DCN - Network Layer Introduction
- DCN - Network Addressing
- DCN - Routing
- DCN - Internetworking
- DCN - Network Layer Protocols
- Transport Layer
- DCN - Transport Layer Introduction
- DCN - Transmission Control Protocol
- DCN - User Datagram Protocol
- Application Layer
- DCN - Application Layer Introduction
- DCN - Client-Server Model
- DCN - Application Protocols
- DCN - Network Services
- DCN Useful Resources
- DCN - Quick Guide
- DCN - Useful Resources
What are security issues in IP protocol?
There are three security issues that are applicable to the IP protocol −
- Packet Sniffing
- Packet Modification
- IP Spoofing
Let us discuss each issue in detail.
A guest may intercept an IP packet and create a copy of it.
The packet sniffing is generally a passive attack, where the attacker does not change the contents of the packet.
Packet sniffing attack is difficult to detect because here the sender and receiver doesn’t know that the packet has been copied.
Even though the packet sniffing cannot be stopped, the encryption of the packet can make the attacker’s effort useless. Still the attackers may sniff the packet, but the content is not detectable.
Packet Modification is the second type of attack which is helpful to modify the packet.
The attacker interrupts the packet, changes its contents, and sends the new packet to the receiver.
The receiver thought that the packet was coming from the original sender only. This type of attack is detected by using a data integrity mechanism.
Before opening and using the contents of the message the receiver can use this mechanism to verify that the packet has not been changed during the transmission.
An attacker can masquerade as somebody else and create an IP packet which carries the source address of another computer.
An attacker sends an IP packet to a bank pretending it is coming from one of the customers. This type of attack can be used to prevent by using an origin authentication mechanism
IP Security (IP SEC)
IPSec protocol is used in conjunction with the IP protocol.
It creates a connection-oriented service between two entities in which they can exchange IP packets without worrying about the Packet Sniffing, Packet Modification and IP Spoofing.
IPSEC provides four services they are as follows −
Defining Algorithms and Keys − The two entities used to create a secure channel between them can agree on some available algorithms and keys to be used for security purposes.
Packet Encryption − The packets exchanged between two parties can be encrypted for privacy using one of the encryption algorithms and shared key agreed upon in the first step. This makes the packet sniffing attack useless.
Data Integrity − Data integrity guarantees where the packet is not modified during the transmission. If the received packet does not pass the data integrity test, it is discarded. This prevents the packet modification.
Origin Authentication − IPSec can authenticate the origin of the packet to be sure that the packet is not created by an imposter. This can prevent IP spoofing attacks.
- Related Articles
- What are the security issues in a data warehouse?
- What are the security issues in mobile database environment?
- What are the major issues in multilevel security based on distributed security manager?
- What are issues in congestion control and how is it handled in TCP/IP?
- What are the security issues of using a trusted network?
- What are the privacy and security issues associated with chatbots?
- IP security (IPSec)
- What are threading issues?
- What are the issues in database privacy?
- What are the issues in Merger & Acquisitions?
- Substantial Concepts Associated with Internet Protocol Security
- Do Smart TVs Have Privacy Issues and Security Risks?
- What are the main Security Frameworks in information security?
- What are the specific security mechanism in Information Security?
- What are the Pervasive Security Mechanisms in Information Security?