TCP SYN Cookie Vulnerability
Networking and Internet Architecture
2018-07-24 v1 Cryptography and Security
Abstract
TCP SYN Cookies were implemented to mitigate against DoS attacks. It ensured that the server did not have to store any information for half-open connections. A SYN cookie contains all information required by the server to know the request is valid. However, the usage of these cookies introduces a vulnerability that allows an attacker to guess the initial sequence number and use that to spoof a connection or plant false logs.
Cite
@article{arxiv.1807.08026,
title = {TCP SYN Cookie Vulnerability},
author = {Dakshil Shah and Varshali Kumar},
journal= {arXiv preprint arXiv:1807.08026},
year = {2018}
}
Comments
3 pages, 5 figures