{"id":856,"date":"2009-02-18T22:15:25","date_gmt":"2009-02-18T21:15:25","guid":{"rendered":"http:\/\/www.mitternachtshacking.de\/blog\/856-security-assessment-of-the-transmission-control-protocol-tcp"},"modified":"2018-05-22T19:41:36","modified_gmt":"2018-05-22T18:41:36","slug":"security-assessment-of-the-transmission-control-protocol-tcp","status":"publish","type":"post","link":"https:\/\/www.mitternachtshacking.de\/blog\/856-security-assessment-of-the-transmission-control-protocol-tcp","title":{"rendered":"Security Assessment of the Transmission Control Protocol (TCP)"},"content":{"rendered":"<p>Das UK &#8222;<a href=\"http:\/\/www.cpni.gov.uk\/\">Centre for the Protection of National Infrastructure<\/a>&#8220; in Person von <a href=\"http:\/\/www.gont.com.ar\/\">Fernando Gont<\/a> hat ein hervorragendes Dokument \u00fcber die Schwachstellen in TCP ver\u00f6ffentlicht:<\/p>\n<ul>&#8222;During the last twenty years, many vulnerabilities have been identified in the TCP\/IP stacks of a number of systems. Some of them were based on flaws in some protocol implementations, affecting only a reduced number of systems, while others were based in flaws in the protocols themselves, affecting virtually every existing implementation. Even in the last couple of years, researchers were still working on security problems in the core protocols.<\/ul>\n<ul>For some reason, much of the effort of the security community on the Internet protocols did not result in official documents (RFCs) being issued by the IETF (Internet Engineering Task Force). This basically led to a situation in which &#8218;known&#8216; security problems have not always been addressed by all vendors. In addition, in many cases vendors have implemented quick &#8218;fixes&#8216; to the identified vulnerabilities without a careful analysis of their effectiveness and their impact on interoperability.&#8220;<\/ul>\n<p>Das sind <a href=\"http:\/\/www.cpni.gov.uk\/Products\/technicalnotes\/Feb-09-security-assessment-TCP.aspx\">130 Seiten, die vom CPNI heruntergeladen<\/a> werden k\u00f6nnen. Das ist ein &#8222;must read&#8220; f\u00fcr alle Penetrationstester, die sich mit Portscans, Denial-of-Service Angriffen, TCP\/IP Fingerprinting oder Session Injection Angriffen besch\u00e4ftigen. Das Dokument enth\u00e4lt Beispiel-Source-Code, Erkl\u00e4rungen und Hintergrundinformationen die ich in dieser Form und Tiefe weder aus dem <a href=\"http:\/\/www.amazon.de\/TCP-Illustrated-Addison-Wesley-Professional-Computing\/dp\/0201776316\">Stevens<\/a> noch aus dem <a href=\"http:\/\/www.amazon.de\/Comer-Douglas-Internetworking-Principles-Architectures\/dp\/0130183806\">Comer<\/a> kenne. Nehmt euch die Zeit, so zwei bis drei Stunden um das zu lesen und so gut wie m\u00f6glich zu verstehen. Und wenn ihr weder den Stevens noch den Comer kennt, kauft euch einen von den beiden. Ich pers\u00f6nlich bevorzuge den Stevens aber das ist mehr so eine Geschmacksfrage.<\/p>\n<p>Sowas w\u00fcrde ich gerne mal vom deutschen <a href=\"http:\/\/www.bsi.de\/\">Bundesamt f\u00fcr Sicherheit in der Informationstechnik<\/a> sehen und nicht immer nur die <a href=\"\/blog\/31-bsi-grundschutz-fur-eine-kleine-organisation\">alte Leier vom Grundschutz<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Das UK &#8222;Centre for the Protection of National Infrastructure&#8220; in Person von Fernando Gont hat ein hervorragendes Dokument \u00fcber die Schwachstellen in TCP ver\u00f6ffentlicht: &#8222;During the last twenty years, many vulnerabilities have been identified in the TCP\/IP stacks of a number of systems. Some of them were based on flaws in some protocol implementations, affecting [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[10,3,6],"tags":[],"_links":{"self":[{"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/posts\/856"}],"collection":[{"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/comments?post=856"}],"version-history":[{"count":0,"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/posts\/856\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/media?parent=856"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/categories?post=856"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/tags?post=856"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}