Abstract
The TCP/IP protocol suite, which is very widely used today, was developed
under the sponsorship of the Department of Defense. Despite that, there are
a number of serious security flaws inherent in the protocols, regardless of
the correctness of any implementations. We describe a variety of attacks based
on these flaws, including sequence number spoofing, routing attacks, source
address spoofing, and authentication attacks. We also present defenses against
these attacks, and conclude with a discussion of broad-spectrum defenses such
as encryption.