IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [tcp]

Transmission Control Protocol (TCP) is a transport layer protocol that provides a connection-oriented data stream service with guaranteed, in-order delivery.

Transmission Control Protocol (TCP) is a transport layer protocol that provides a connection-oriented data stream service with guaranteed, in-order delivery on top of the underlying packet-oriented, unreliable IP layer. TCP is referred to as a connection-oriented protocol. This is opposed to UDP, which offers a relatively bare-bones unreliable all-or-nothing delivery of discrete packets and referred to as a connection-less protocol.

There is more information at the Wikipedia article on TCP.

305 questions
62
votes
11 answers

Why is TCP more secure than UDP?

While reading MS SDL (Microsoft Security Development Lifecycle) presentations I found a recommendation to replace UDP with TCP in applications because TCP is more secure than UDP. But both of them are only transport layers, nothing more. So why is…
sluge
  • 1,085
  • 1
  • 10
  • 9
46
votes
4 answers

Why does TLS require TCP?

I have an upcoming oral network security exam and know that in past exams, the professor asked about why TLS requires TCP. I know that there is DTLS but it wasn't part of the lecture. So the question is about what advantage TLS gains by requiring…
UTF-8
  • 2,300
  • 1
  • 9
  • 24
34
votes
1 answer

I have found ports on my Samsung smart tv running a display service. What can I do with it?

I have a Samsung Smart TV running Tizen OS, and out of curiosity I scanned it with Nmap. I found multiple open ports. One of those ports is running a "display" service. Does this mean it can cast its own screen, or that i can cast my screen to it?
Saker Alabas
  • 451
  • 1
  • 4
  • 4
31
votes
4 answers

Is it possible to pass TCP handshake with spoofed IP address?

Little time ago, me and my friends argued if TCP handshake can be passed with a spoofed IP address. Assume I have a web server that allows only certain IP addresses. Can anyone connect that web server by IP spoof?
ibrahim
  • 571
  • 3
  • 7
  • 13
28
votes
2 answers

Security risk of opening port 111 (rpcbind)?

As far as I understood rpcbind is used for listing active services, and telling the requesting client where to send the RPC request. If a host listens on port 111, one can use rpcinfo to get program numbers and ports and services running; For…
Goli E
  • 895
  • 1
  • 11
  • 20
28
votes
3 answers

How does "traceroute over TCP" work, what are the risks, and how can it be mitigated?

There is a utility called tcptraceroute, and this enhancement called intrace that is used just like a standard traceroute, but it works over TCP. How is the syn flag in TCP used to achieve traceroute like functionality (when ICMP is off) What…
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
28
votes
3 answers

Disadvantages of replacing TCP/IP with blockchain

I read this blog (cached version) (and the related cached tweet) about replacing TCP/IP with blockchain. Tweet: The Internet has a serious fundamental flaw: the transmission control protocol/internet protocol (TCP/IP)—the primary engine…
MR.-c
  • 447
  • 1
  • 3
  • 7
28
votes
2 answers

How is this "captive portal" intercepting and manipulating my HTTP requests?

I sometimes use a free Wifi service to get access to the internet. Like most/all providers of services like this, this service employs a captive portal. So if you try to make a HTTP request (request a web page) in your browser and you are not…
the_velour_fog
  • 727
  • 6
  • 15
27
votes
4 answers

What security mechanisms are used in BGP and why do they fail?

I just read about Indosat trying to take over the Internet by mistake. I read on a Polish infosec-related website that most of their announced routes failed to propagate, but some of them reached the whole internet. This made me wonder - what…
d33tah
  • 6,524
  • 8
  • 38
  • 60
23
votes
1 answer

Does TCP/IP protocol offer a reliable way of determining who the actual sender was?

So I'm just poking around the TCP/IP protocol using a Ruby library called PacketFu, and it seems to me that in each packet, it is possible to set all of the following Source IP Destination IP Source MAC Address Destination MAC Address and a whole…
OneChillDude
  • 411
  • 2
  • 10
19
votes
3 answers

Black-box fuzzing a TCP Port running an unknown applicaiton

I'm looking for any guidance around testing a service I've found running on a target server. I'm doing a 'black-box' pen-test and the company is one of those 'I-don't-want-to-tell-you-anything' types so they won't tell us what service is…
NULLZ
  • 11,426
  • 17
  • 77
  • 111
17
votes
3 answers

Pros and cons of disabling TCP timestamps

So, lynis informs me that I should unset net.ipv4.tcp_timestamps. I know that's a bad thing because an attacker could figure out which updates that require restarting the machine I haven't applied, or they could use it to figure out my update…
Parthian Shot
  • 861
  • 2
  • 10
  • 18
16
votes
1 answer

Nmap - Closed vs Filtered

A lot of people seem to ask this question, as there are a bunch of posts about it; however I feel like none truly answer the question (that I have found). I want to understand why Nmap decides to tell me that a specific port is "filtered" when there…
Ryan B
  • 163
  • 1
  • 1
  • 5
15
votes
3 answers

Encrypt and Authenticate localhost-traffic?

I have some app-components on the same machine but in different languages which need to communicate. I am using socket communication over localhost to do so. The data transferred is confidential. Should this communication be encrypted? I mean an…
Biff Wellington
  • 153
  • 1
  • 4
14
votes
3 answers

How can I explain to the client that rfc2385 TCP MD5 Checksums can't be turned on for linux webservers?

I've had a long running conversation with a client where they perform a Rapid7 security scan which then warns about TCP MD5 checksums missing on port 80. This is what I think I know: RFC 2385 was designed to protect BGP, and by extension BGP-type…
Kit Sunde
  • 241
  • 2
  • 7
1
2 3
20 21