
Page 1: Tcp Ip Security

8/3/2019 Tcp Ip Security

http://slidepdf.com/reader/full/tcp-ip-security 1/19

KYAMBOGO UNIVERSITY

FACULTY OF SCIENCE

Department of Computer Science

A RESEARCH REPORT ON TCP/IP SECURITY

BY

MUSIIME ANGELA 09/U/6956/ITD/PD ……………

KIMBUGWE BRIAN 09/U/789/ITD/GV …………….

KASANGAKI DOREEN 09/U/7026/ITE/PE ……………..

NSUBUGA JOSEPH 10/U/414/ITD/GV ……………

Submitted in partial fulfillment of the award of Bachelor of Information Technology and Computing


ABSTRACT

This report has three chapters.

Chapter one, the introduction, gives a description of the TCP/IP protocols: a brief background, how they work and the mechanisms they use.

Chapter two discusses the security strengths of TCP/IP, its security loopholes, and the common attacks affecting the protocol.

Chapter three looks at possible solutions to the problems discussed in chapter two. It covers the general alternatives to the security issues, and here firewalls, in their two forms, and the Kerberos protocol are discussed.


List of Acronyms

1.  TCP Transmission Control Protocol

2.  IP Internet Protocol

3.  ISN Initial Sequence Number

4.  OSI Open Systems Interconnect

5.  PIN Personal Identification Number

6.  MAC Media Access Control

7.  ICMP Internet Control Message Protocol

8.  UDP User Datagram Protocol

9.  MITM Man-in-the-middle

10. DEC Digital Equipment Corporation

11. CPU Central Processing Unit

12. KDC Key Distribution Centre

13. AS Authentication Server

14. TGS Ticket Granting Server

15. SSL Secure Socket Layer

16. IPV6 Internet Protocol Version Six

17. IPV4 Internet Protocol Version Four


Table of Contents

ABSTRACT ........ ii
List of Acronyms ........ iii
Table of Contents ........ iv
CHAPTER ONE ........ 1
INTRODUCTION ........ 1
1.1 Internet Protocol (IP) ........ 1
1.2 Transmission Control Protocol (TCP) ........ 1
1.2.1 The Three Way Handshake ........ 2
1.2.2 TCP Sequence Numbers ........ 2
1.2.3 TCP Timers ........ 3
CHAPTER TWO ........ 4
TCP/IP SECURITY ........ 4
2.1 TCP/IP Security Strength ........ 4
At the Physical Layer ........ 4
At the Data Link Layer ........ 5
At the Network Layer ........ 5
At the Transport Layer ........ 5
At the Session Layer ........ 5
At the Presentation Layer ........ 5
At the Application Layer ........ 5
2.2 TCP/IP Security Problems ........ 6
2.2.1 TCP/IP Hijacking ........ 6
2.2.2 Man-in-the-Middle ........ 6
2.2.3 Meet-in-the-Middle Attack ........ 7
2.2.4 IP Spoofing ........ 8
Non-Blind Spoofing ........ 8
Blind Spoofing ........ 8
2.2.5 Denial of Service Attack ........ 9
CHAPTER THREE ........ 10
SOLUTIONS TO THE SECURITY LOOPHOLES ........ 10
3.1 Firewalls ........ 10
3.1.1 Stateful Inspection ........ 10
3.1.2 Packet filtering firewall ........ 11
3.2 Kerberos ........ 12
3.3 IP V6 ........ 13
Recommendation ........ 14
Conclusion ........ 14
References ........ 15


CHAPTER ONE

INTRODUCTION

TCP/IP is an acronym that stands for Transmission Control Protocol/Internet Protocol. A protocol is a set of rules that govern communication over a network or the internet. In 1973, Vinton Cerf and Robert Kahn developed the first description of the TCP/IP protocols, and by around the 1980s the specifications for TCP and IP had been finished.

The TCP/IP protocols were designed when the internet was still small and users trusted each other. Although the suite lacks many features that are desirable or needed on an insecure network, TCP/IP is the standardized internet protocol suite, built around two protocols: the Transmission Control Protocol and the Internet Protocol. These two protocols are considered the most important in the world today, since they are the basis of the internet. The functionality of the two protocols is described below.

1.1 Internet Protocol (IP)

The Internet Protocol is the network layer of the internet. Its work is to route a packet and deliver it to its destination. IP does not guarantee that packets reach their destination; it only tries to deliver them. IP packets, also termed datagrams, go through a series of routers before they reach the destination. Each node determines the next hop for the datagram and routes it there. Two packets from the same source may take different paths to the destination, because the network is dynamic. That means the datagrams may not be received in sequence, owing to variable network delays.

IP tries for best-effort delivery but does not take care of lost packets. Since no state is maintained between two datagrams, IP provides a connectionless service.

1.2 Transmission Control Protocol (TCP)

The Transmission Control Protocol runs on top of IP and provides a connection-oriented service between the sender and the receiver. TCP provides guaranteed delivery and ensures that the packets are delivered in sequence. A TCP connection is identified by the 4-tuple of destination IP address, destination port, source IP address and source port. The ports are the actual end points of the TCP connection.

The TCP layer maintains table entries corresponding to the 4-tuple on either end. The end systems implementing TCP need to keep the TCP state information for the duration of the connection, and this must be done for every connection.

Since the underlying network (IP) is unreliable and provides no guarantees to TCP, TCP uses various mechanisms such as sequence numbers, three-way handshakes and timers to provide reliability between the sender and the receiver. A short description of some of the mechanisms used by TCP is given below.

1.2.1 The Three Way Handshake

The three-way handshake is used by TCP both to establish connections and to terminate them. It is used by most protocols to establish and terminate connections over an unreliable link.

It works as follows: when hosts A and B want to communicate using TCP, A initiates a connection to B by sending a message. B responds with an acknowledgement. Then A sends another message back to B confirming that A received B’s acknowledgement. Hosts A and B are connected successfully when B receives this second message from A, which confirms B’s acknowledgement.

1.2.2 TCP Sequence Numbers

Remember that TCP runs over an unreliable IP, which neither guarantees delivery of packets nor necessarily delivers them in sequence. Therefore, to be able to identify packets and to ensure that they are delivered to the application layer in order, every TCP segment contains a sequence number. Every byte of data that TCP sends is given a sequence number. This helps the sender and the receiver to verify whether the data was delivered correctly and also to determine whether data was dropped, possibly because of loss in transit.

During the connection phase, the sender and the receiver exchange initial sequence numbers (ISNs). After a successful initial handshake, the sender and the receiver know the sequence numbers they have to use for communication. Since TCP has a provision for delayed segments, it accepts segments that are out of sequence but within certain bounds known as the receiver window size. The receiver window size is also exchanged during the initial handshake. TCP discards all segments that do not have a sequence number within the computed bounds. To be able to distinguish the different connections between the sender and the receiver, the sequence numbers do not start at zero or any fixed number each time a connection is established.
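As an added illustration of the window check described above (not code from the report), the following Python models a receiver that keeps only segments whose sequence numbers fall within the advertised window, taking 32-bit wraparound into account; the window size and sequence values are constructed.

```python
# TCP receive-window check for 32-bit sequence numbers. Constructed example.
SEQ_MOD = 1 << 32


def seq_diff(a, b):
    """Signed distance from b to a on the 32-bit sequence-number circle.

    Sequence numbers wrap around, so a plain 'a < b' misorders segments
    once the stream crosses 2**32; comparing modulo 2**32 avoids that.
    """
    d = (a - b) % SEQ_MOD
    return d - SEQ_MOD if d >= SEQ_MOD // 2 else d


def in_window(seq, rcv_nxt, rcv_wnd):
    """True if seq lies in [rcv_nxt, rcv_nxt + rcv_wnd) modulo 2**32.

    rcv_nxt is the next sequence number the receiver expects; rcv_wnd is
    the receive window size exchanged during the handshake.
    """
    d = seq_diff(seq, rcv_nxt)
    return 0 <= d < rcv_wnd


class Receiver:
    """Minimal TCP receive side: accepts in-window segments, buffers the
    ones that arrive early, and discards anything outside the window."""

    def __init__(self, isn, rcv_wnd):
        self.rcv_nxt = (isn + 1) % SEQ_MOD  # the peer's SYN consumes one number
        self.rcv_wnd = rcv_wnd
        self.pending = {}      # seq -> payload, for out-of-order segments
        self.delivered = b""   # bytes handed to the application, in order
        self.dropped = 0       # segments rejected by the window check

    def receive(self, seq, payload):
        """Process one segment; returns True if it was accepted."""
        seq %= SEQ_MOD
        if not in_window(seq, self.rcv_nxt, self.rcv_wnd):
            self.dropped += 1
            return False
        self.pending[seq] = payload
        # Deliver everything that is now contiguous from rcv_nxt.
        while self.rcv_nxt in self.pending:
            data = self.pending.pop(self.rcv_nxt)
            self.delivered += data
            self.rcv_nxt = (self.rcv_nxt + len(data)) % SEQ_MOD
        return True


def demo():
    """Constructed exchange: the peer's ISN sits just below 2**32 so the
    stream wraps, one segment arrives early, and a segment whose sequence
    number is far outside the window (as one sent by a party that does not
    know the live sequence numbers would be) is rejected."""
    isn = SEQ_MOD - 4
    r = Receiver(isn, rcv_wnd=1024)
    results = [
        r.receive(isn + 1, b"abc"),             # in order, delivered at once
        r.receive(isn + 7, b"gh"),              # early: buffered, not delivered
        r.receive(isn + 1 + 1_000_000, b"XX"),  # outside the window: dropped
        r.receive(isn + 4, b"def"),             # fills the gap; "gh" follows
    ]
    return results, r.delivered, r.dropped
```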

1.2.3 TCP Timers

Timers are closely tied to the TCP states. TCP uses them to ensure security and to maintain established connections. Some of the timers used include the following.

• Connection establishment timer: this timer is associated with the opening of a connection. It is started when the SYN flag bit is sent during the initial connection set-up. In most TCP implementations, the value of this timer is set to 75 seconds. If a time-out occurs, the connection is aborted.

• TIME_WAIT timer: this timer is started when the connection enters the time-wait state. This is to allow all the segments in transit to be removed from the network. The value of this timer is usually set to 2 minutes, and on expiration of the timer the connection is terminated.

• KEEP_ALIVE timer: this timer allows TCP to periodically check whether the other end of the connection is still active. The default value of this timer is 2 hours. After the expiration of the timer, probes are sent to the remote end. If there is no response to the probes from the remote end, the connection is dropped.


CHAPTER TWO

TCP/IP SECURITY

Since TCP/IP is the standard internet protocol, its security cannot be left unconsidered, because today’s networks are insecure owing to the vastness of the internet. This chapter discusses the security strengths and weaknesses of the protocol.

2.1 TCP/IP Security Strength

However much it was designed when the internet was small, with trusted users, and security was not a big concern, TCP/IP has some features that provide security for transmissions and communications on insecure networks. They include sequence numbers, timers and three-way handshakes, which limit connections from unauthorized and unknown sources. Their functionality is as discussed in chapter one above.

Furthermore, since the OSI protocol stack is related and almost the same as the TCP/IP protocol stack, at each layer of the OSI model there are controls designed to handle security for proper and safe transmissions.

The OSI protocol stack is a seven-layer protocol designed by the International Standards Organization (ISO) to create a standard for interconnection. The layers are the Physical layer, Data link layer, Network layer, Transport layer, Session layer, Presentation layer and Application layer. The security controls at each layer that are designed to handle security issues, including physical security, are listed below.

At the Physical Layer:-

• PIN & password secured locks
• Biometric authentication systems
• Data storage cryptography
• Electronic lock mechanisms for logging & detailed authorization
• Electromagnetic shielding
• Locked perimeters and enclosures
• Video & audio surveillance


At the Data Link Layer:-

• Identifying stations by address and cross-referencing physical port or logical access (MAC address filtering).
• Layers of trust are physically isolated from one another, with policy engines such as firewalls between them.
• Wireless applications are carefully evaluated for unauthorized access exposure. Built-in encryption and authentication is applied for secure networks.

At the Network Layer:-

• Route policy controls: use strict anti-spoofing and route filters at network edges.
• Firewalls with strong filter & anti-spoof policy.
• ARP/broadcast monitoring software.
• Implementations that minimize the ability to abuse protocol features such as broadcast.

At the Transport Layer:-

• Strict firewall rules limiting access to specific transmission protocols and sub-protocol information such as TCP/UDP port number or ICMP type.
• Stateful inspection at the firewall layer, preventing out-of-state packets, “illegal” flags, and other phony packet profiles from entering the perimeter.
• Stronger transmission and layer session identification mechanisms to prevent the attack and takeover of communications.

At the Session Layer:-

• Encrypted password exchange and storage.
• Accounts have specific expirations for credentials and authorization.
• Protect session identification information via random/cryptographic means.

At the Presentation Layer:-

• Careful specification and checking of received input coming into applications or library functions.
• Separation of user input and program control functions: input should be sterile and sanity checked before being passed into functions that use the input to control operation.
• Careful and continuous review of cryptography solutions to ensure current security versus known and emerging threats.

At the Application Layer:-

• Application-level access controls to define and enforce access to application resources. Controls must be detailed and flexible, but also straightforward, to prevent complexity issues from masking policy and implementation weakness.
• Standards, testing, and review of application code and functionality: a baseline is used to measure application implementation and recommend improvements. IDS systems to monitor application inquiries and activity.
• Some host-based firewall systems can regulate traffic by application, preventing unauthorized or covert use of the network.


2.2 TCP/IP Security Problems

Despite the number of mechanisms and alternatives to its security weaknesses that TCP/IP has, loopholes still exist in the protocol. The main source of these weaknesses is the lack of authentication. Various people have used these loopholes to satisfy their selfish desires, and this has affected many internet users. It has been done mostly in the form of attacks like TCP/IP hijacking, the Man-in-the-middle attack, the meet-in-the-middle attack, IP spoofing, sequence guessing and many more. A brief explanation of what they are and how some of these attacks occur is given below.

2.2.1 TCP/IP Hijacking

TCP/IP hijacking is when an attacker takes over a TCP/IP session between two machines. This allows the attacker to control an established session, typically between a client and a server. The attacker first impersonates and then disconnects the legitimate client.

Note that most authentication occurs only at the start of a TCP session; this allows the attacker to gain access to a machine once a connection has already been established. The attacker takes advantage of the fact that TCP uses sequence numbers to synchronize the session between two network nodes. The number increases with every packet and ensures the packets are processed in the correct order when received by the destination node. The attacker predicts these sequence numbers and prevents the original client from sending packets, so that the sequence number does not advance, and then uses these numbers to send his own packets with changed, possibly malicious, information. (techexams.net, 2011)

In brief, TCP/IP hijacking involves taking control of a legitimate conversation between a server and a client, intercepting the source side’s packets, throwing them away and replacing them with new packets which are sent to the destination. The attacker can disconnect the client’s established and possibly already authenticated session to the server and attempt to take the client’s place by spoofing the legitimate client’s address.

2.2.2 Man-in-the-Middle

During a Man-in-the-middle attack, the attacker places himself between two communicating network devices in an attempt to intercept and possibly alter network traffic. The attacker connects to the network by tapping into an existing line. Once connected, he will try to fool both sides of the communication, ensuring that each side thinks it is receiving information from the right source. The attacker must be able to intercept all messages going between the two victims, formulate new ones and forward them in whichever direction the intercepted message was headed. For example, if there is a communication between Tom and Peter, the attacker James can perform a successful MITM attack and make Peter think that he is receiving information from Tom, while Tom also thinks that he is receiving information from Peter, yet it is actually coming via James, who is acting as a substitute for both sides and may have altered the information.

Usually the communication between two network devices is encrypted, but this is not always sufficient to prevent Man-in-the-middle attacks. If the attacker intercepts the key used for the encryption process at the start of the communication, or previously, he can decrypt the information he receives from one side, read it, alter it, and encrypt it again to pass it on as if nothing had happened to it. (techexams.net, 2011)

2.2.3 Meet-in-the-Middle Attack

This is a known attack that can exponentially reduce the number of brute-force permutations required to decrypt text that has been encrypted with more than one key. Such an attack makes it much easier for an intruder to gain access to data.

The meet-in-the-middle attack targets block cipher cryptographic functions. The intruder applies brute-force techniques to both the plaintext and the ciphertext of a block cipher. He attempts to encrypt the plaintext under various keys to obtain an intermediate ciphertext (a text that has been encrypted by only one key). Simultaneously, he attempts to decrypt the ciphertext under various keys, seeking a block of intermediate ciphertext that is the same as the one obtained by encrypting the plaintext. If there is a match of intermediate ciphertext, it is highly probable that the key used to encrypt the plaintext and the key used to decrypt the ciphertext are the two encryption keys used for the block cipher.

Because the attacker tries to break the two-part encryption method from both sides simultaneously, a successful effort enables him to meet in the middle of the block cipher. Although a meet-in-the-middle exploit can make the attacker’s job easier, it cannot be conducted without a piece of plaintext and its corresponding ciphertext. It also requires the attacker to have the capacity to store all possible intermediate ciphertext values from both the brute-force encryption of the plaintext and the decryption of the ciphertext.
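The search described above, as an added Python example (not from the report), run against a deliberately tiny toy cipher so that it completes in seconds; the cipher, keys and plaintexts are constructed. The lesson for a designer is that encrypting twice with two independent n-bit keys costs this search roughly 2^(n+1) work and 2^n memory, not the 2^(2n) that the doubled key length suggests.

```python
# Meet-in-the-middle against a toy double cipher. Constructed example.
BLOCK_BITS = 32
BLOCK_MASK = (1 << BLOCK_BITS) - 1
KEY_BITS = 16   # per key; two keys give a 32-bit combined key space


def rotl(x, r):
    return ((x << r) | (x >> (BLOCK_BITS - r))) & BLOCK_MASK


def rotr(x, r):
    return ((x >> r) | (x << (BLOCK_BITS - r))) & BLOCK_MASK


def encrypt(k, x):
    """Toy 32-bit block cipher with a 16-bit key: xor, add, rotate.
    Deliberately weak and tiny so the search below runs quickly."""
    kk = (k << 16) | k                      # expand the key to 32 bits
    return rotl(((x ^ kk) + kk) & BLOCK_MASK, 7)


def decrypt(k, y):
    kk = (k << 16) | k
    return ((rotr(y, 7) - kk) & BLOCK_MASK) ^ kk


def double_encrypt(k1, k2, x):
    """Encrypt twice with independent keys, as the report describes."""
    return encrypt(k2, encrypt(k1, x))


def meet_in_the_middle(pairs):
    """Recover (k1, k2) from known plaintext/ciphertext pairs.

    Cost is about 2 * 2**KEY_BITS cipher operations plus a table of
    2**KEY_BITS intermediate values, instead of the 2**(2*KEY_BITS)
    trials a naive search over both keys would need.
    """
    p0, c0 = pairs[0]
    # Forward half: every intermediate value reachable from p0 with one key.
    table = {}
    for k1 in range(1 << KEY_BITS):
        table.setdefault(encrypt(k1, p0), []).append(k1)
    # Backward half: decrypt c0 under each k2 and look for a meeting point.
    candidates = []
    for k2 in range(1 << KEY_BITS):
        mid = decrypt(k2, c0)
        for k1 in table.get(mid, ()):
            # A second known pair weeds out chance collisions on the first.
            if all(double_encrypt(k1, k2, p) == c for p, c in pairs[1:]):
                candidates.append((k1, k2))
    return candidates


def demo():
    """Constructed keys and plaintexts; returns the recovered key pairs
    together with the work factors of the two approaches."""
    k1, k2 = 0x1234, 0xBEEF
    plaintexts = [0x00000000, 0x0BADF00D]
    pairs = [(p, double_encrypt(k1, k2, p)) for p in plaintexts]
    found = meet_in_the_middle(pairs)
    return found, 2 * (1 << KEY_BITS), 1 << (2 * KEY_BITS)
```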

2.2.4 IP Spoofing:

This refers to the creation of Internet Protocol packets with a forged source IP address, with the purpose of concealing the identity of the sender or impersonating another computing system. It is one of the most common forms of online camouflage.

In IP spoofing, the attacker gains unauthorized access to a computer or a network by making it appear that a malicious message has come from a trusted machine, by spoofing the IP address of that machine. There are a few variations on the types of attacks that successfully employ IP spoofing, and some are given below:

Non-Blind Spoofing:

This type of attack takes place when the attacker is on the same subnet as the victim. The sequence and acknowledgement numbers can be sniffed, eliminating the potential difficulty of calculating them accurately.

The biggest threat of spoofing in this instance would be session hijacking. This is accomplished by corrupting the data stream of an established connection, then re-establishing it based on the correct sequence and acknowledgement numbers with the attack machine. Using this technique, an attacker could effectively bypass any authentication measures taken to build the connection.

Blind Spoofing:

This is a more sophisticated attack, because the sequence and acknowledgement numbers cannot be observed. In order to circumvent this, several packets are sent to the target machine in order to sample sequence numbers.

While not the case today, machines in the past used basic techniques for generating sequence numbers. It was relatively easy to discover the exact formula by studying packets and TCP sessions. Today most operating systems implement random sequence number generation, making it difficult to predict them accurately. If, however, the sequence number was compromised, data could be sent to the target. Several years ago, many machines used host-based authentication services. A properly crafted attack could add the requisite data to a system, blindly, enabling full access for the attacker who was impersonating a trusted host.

2.2.5 Denial of Service Attack

This is currently one of the most difficult attacks to defend against, and IP spoofing is almost always used in it. Since crackers are concerned only with consuming bandwidth and resources, they need not worry about properly completing handshakes and transactions. Rather, they wish to flood the victim with as many packets as possible in a short amount of time.

In order to prolong the effectiveness of the attack, they spoof source IP addresses to make tracing and stopping the denial of service as difficult as possible. When multiple compromised hosts are participating in the attack, all sending spoofed traffic, it is very challenging to quickly block the traffic. (Wikipedia, 2011)

Page 14: Tcp Ip Security

8/3/2019 Tcp Ip Security

http://slidepdf.com/reader/full/tcp-ip-security 14/19

10

CHAPTER THREE

SOLUTIONS TO THE SECURITY LOOPHOLES

Due to the security concerns that arose from the growth of the internet, and thus the increased use of TCP/IP, there have been developments to curb the problems caused by the untrusted users who made networks insecure. Add-ons like firewalls, Kerberos systems and others were developed to help with the security weaknesses in TCP/IP. More recently, Internet Protocol version 4 has been revised as version 6, which will soon be implemented to handle more of these problems.

3.1 Firewalls

A firewall is a system designed to permit or deny network transmissions based upon a set of rules, and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass. A firewall can be a hardware device, a software program or a combination of both. (wiki.ask.com, 2011)

Firewalls are included in most operating systems to monitor any incoming and outgoing activity on your computer, and they usually block programs that should not have access. This is done to protect against threats, mainly from the public internet. Some routers connecting networks contain firewall components, and many firewalls can perform basic routing functions. (Wikipedia, 2011)

Firewall technology was developed in generations. The first generation firewall was published about in 1988, when engineers from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls. The second generation, developed from 1989-1990 at AT&T Bell Laboratories, is generally referred to as stateful packet inspection. Both forms of firewall are explained below.

3.1.1 Stateful Inspection

Stateful inspection, also known as dynamic packet filtering, is a firewall technology that monitors the state of all active connections and uses this information to determine which network packets to allow through the firewall.

A stateful firewall is able to hold significant attributes of each connection in memory from its start to its end. These attributes, collectively known as the state of the connection, may include details such as the IP addresses, ports and sequence numbers of the packets traversing the connection. The most CPU-intensive checking is performed at the time the connection is set up. After that, it is simple and fast to determine whether a packet belongs to an existing, pre-screened session. Once the session has ended, its entry in the state table is discarded.

The stateful firewall depends on the three-way handshake of the TCP protocol when the protocol being used is TCP. When a client initiates a new connection, it sends a packet with the synchronize bit set in the packet header. All packets with the synchronize bit set are considered by the firewall as new connections. If the service which the client has requested is available on the server, the service will reply to the synchronize packet with another packet in which both the synchronize and acknowledgement bits are set. The client will then respond with a packet in which only the acknowledgement bit is set, and the connection will enter the established state. Such a firewall will pass all outgoing packets through but will only allow incoming packets if they are part of an established connection, ensuring that hackers cannot start unsolicited connections with the protected machine. (Wikipedia, 2011)

3.1.2 Packet filtering firewall

Packet filters act by inspecting the packets that represent the basic unit of data transfer between computers on the Internet. If a packet matches the packet filter’s set of rules, the packet filter will allow the packet, or else reject it and send error messages to the source. This type of packet filtering is not concerned with whether a packet is part of an already existing connection or is starting a new connection, because it stores no information on connection state. Instead, it filters each packet based only on information contained in the packet itself (the packet header). It commonly uses a combination of the source and destination address, the packet’s protocol, and the port number. Any incoming packet that appears to have come from a different source address or port number, or that has a protocol other than the ones it knows, will be discarded, and any outgoing packet with a different destination address, port number or protocol from the ones known will also be blocked.
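An added Python example (not the report’s own code) contrasting the two forms described in 3.1.1 and 3.1.2 on one constructed packet trace: the stateless filter judges each header on its own, while the stateful one walks the three-way handshake and drops an inbound segment that matches no tracked connection. The addresses, ports and rule set are constructed.

```python
# Stateless packet filter vs stateful inspection. Constructed example.
from dataclasses import dataclass

INSIDE_NET = "10.0.0."   # constructed: hosts with this prefix are protected


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset   # subset of {"SYN", "ACK", "FIN", "RST"}


def is_inbound(pkt):
    return pkt.dst.startswith(INSIDE_NET) and not pkt.src.startswith(INSIDE_NET)


class StatelessFilter:
    """Packet filter (section 3.1.2): judges each packet on its header alone.
    Constructed rule set: pass everything outbound; pass inbound TCP only if
    the ACK flag is set (a common stand-in for 'reply traffic'); drop the rest.
    Lacking state, it cannot tell a genuine reply from a forged one."""

    def decide(self, pkt):
        if not is_inbound(pkt):
            return "ALLOW"
        return "ALLOW" if "ACK" in pkt.flags else "DROP"


class StatefulFilter:
    """Stateful inspection (section 3.1.1): follows the three-way handshake
    and passes inbound packets only when they belong to a tracked connection."""

    def __init__(self):
        self.table = {}   # (client, cport, server, sport) -> state

    def decide(self, pkt):
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if not is_inbound(pkt):
            # Outbound traffic is passed; a SYN opens a table entry and the
            # final ACK of the handshake moves it to ESTABLISHED.
            if pkt.flags == {"SYN"}:
                self.table[key] = "SYN_SENT"
            elif pkt.flags == {"ACK"} and self.table.get(key) == "SYN_RECEIVED":
                self.table[key] = "ESTABLISHED"
            elif pkt.flags & {"FIN", "RST"}:
                self.table.pop(key, None)
            return "ALLOW"
        # Inbound: look up the connection from the inside host's point of view.
        rkey = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        state = self.table.get(rkey)
        if state == "SYN_SENT" and pkt.flags == {"SYN", "ACK"}:
            self.table[rkey] = "SYN_RECEIVED"
            return "ALLOW"
        if state in ("SYN_RECEIVED", "ESTABLISHED") and "SYN" not in pkt.flags:
            if pkt.flags & {"FIN", "RST"}:
                self.table.pop(rkey, None)
            return "ALLOW"
        return "DROP"   # out-of-state or unsolicited: no entry in the table


def run_trace():
    """Constructed trace: inside client 10.0.0.5 opens a web connection to
    203.0.113.9, then an unrelated host 198.51.100.7 sends an ACK-only
    segment dressed up as reply traffic, followed by a bare SYN."""
    c, s, other = "10.0.0.5", "203.0.113.9", "198.51.100.7"
    F = frozenset
    trace = [
        Packet(c, 40000, s, 80, F({"SYN"})),          # handshake step 1
        Packet(s, 80, c, 40000, F({"SYN", "ACK"})),   # handshake step 2
        Packet(c, 40000, s, 80, F({"ACK"})),          # handshake step 3
        Packet(s, 80, c, 40000, F({"ACK"})),          # genuine reply data
        Packet(other, 80, c, 40001, F({"ACK"})),      # forged "reply"
        Packet(other, 5555, c, 22, F({"SYN"})),       # unsolicited connection
    ]
    stateless, stateful = StatelessFilter(), StatefulFilter()
    return ([stateless.decide(p) for p in trace],
            [stateful.decide(p) for p in trace])
```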


3.2 Kerberos

Kerberos is a computer network authentication protocol which allows nodes

communicating over a non-secure network to prove their identity to one another using

tickets. (Massachusetts Institute of Technology)

The Kerberos system was designed with some properties which are responsible for

preventing and to withstand security threats like attacks. Among them are authenticity,

cryptography, timing and many more.

Considering authenticity, the authentication process starts fro when the key distribution

centre (KDC) generates a session key. This comes as result of a client requesting

authentication from the authentication server (AS). The key is formulated basing on the

user password and a random value that represents the requested service. The session key

is the one you send to the ticket granting server (TGS) which returns a ticket that can be

sent to the server for the requested service. The server either rejects it (when it is invalid)

or accepts it (when valid) and performs the service. (Wikipedia, 2011)

Cryptography is involved during certain stages of authentication. The Kerberos protocol uses the session key to encrypt and decrypt the transmissions. For example, the ticket granting ticket (which includes the client ID, the client network address, the ticket validity period and the client/TGS session key) is encrypted using the secret key of the TGS. This protects the Kerberos protocol messages against eavesdropping, thus preventing attackers from capturing the session keys and tickets which they would otherwise use to attack the Kerberos system. (Wikipedia, 2011)

Another design feature of the Kerberos system is timing. The ticket received from the ticket granting server is time stamped, and it allows the client/user to make requests only within a certain period of time. Making the ticket valid for a limited period makes it less likely that someone else can use it later. This increases security and limits unauthorized users from using the system. (Wikipedia, 2011)

Despite the security features in the Kerberos system, there are some limitations that can affect the performance of the system, such as a single point of failure. The Kerberos system requires the continuous availability of a central server; therefore, when the Kerberos server is down, no one is able to log in.

Also, Kerberos has strict time requirements. This means the clocks of the involved hosts must be synchronized within the configured limit, which at times is hard to achieve because the clocks of different systems run at different speeds. It is important to note that tickets have a limited availability period; therefore, authentication will fail if the host clock is not synchronized with the Kerberos server's clock. (Wikipedia, 2011)

Another limitation, which is a serious security threat, is that since authentication is controlled by a centralized key distribution centre, a compromise of that centre compromises the whole authentication infrastructure and allows an attacker to impersonate any user. (Wikipedia, 2011)
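The following Python program is an added illustration of the three properties and the timing limitation discussed in this section; it is not code from the report, from MIT Kerberos or from any other implementation. It models the AS, TGS and service as described above: the client's long-term key is derived from its password, the AS reply carries a fresh client/TGS session key together with a ticket granting ticket (client ID, address, validity period, session key) sealed under the secret key of the TGS, and every ticket and authenticator is checked against a clock. The cipher is a deliberately simple toy (a SHA-256 keystream with an HMAC tag) chosen only so the program runs with the standard library; the principal names, realm salt, lifetimes and skew limit are constructed values.

```python
"""Toy Kerberos flow: AS -> TGS -> service, with sealed tickets and clock checks.
Added illustration only; the cipher below is NOT a real encryption scheme."""
import hashlib
import hmac
import json
import os

MAX_SKEW = 300         # seconds; authenticator timestamps outside this window are rejected
TICKET_LIFETIME = 600  # seconds of validity stamped into every ticket


def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def seal(key, obj):
    """Toy encrypt-then-MAC: XOR with a SHA-256 keystream, then an HMAC tag."""
    pt = json.dumps(obj, sort_keys=True).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def unseal(key, blob):
    """Inverse of seal; raises ValueError for a wrong key or a tampered message."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))


def password_key(password):
    # Long-term client key derived from the user's password; the KDC stores the same value.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), b"example-realm-salt", 10000)


def _check_time(ticket, now):
    if not ticket["start"] <= now <= ticket["end"]:
        raise PermissionError("ticket used outside its validity period")


def _check_authenticator(auth, ticket, now):
    if auth["client"] != ticket["client"] or abs(auth["timestamp"] - now) > MAX_SKEW:
        raise PermissionError("authenticator mismatch or clock skew beyond the limit")


class KDC:
    """Authentication Server (AS) and Ticket Granting Server (TGS) in one object."""

    def __init__(self, users, service_keys):
        self.users = {u: password_key(p) for u, p in users.items()}
        self.tgs_key = os.urandom(32)       # secret key of the TGS; never leaves the KDC
        self.service_keys = service_keys    # shared with each service out of band

    def as_exchange(self, client, addr, now):
        # AS reply: a fresh client/TGS session key plus a TGT the client itself cannot read.
        sk = os.urandom(32).hex()
        tgt = seal(self.tgs_key, {"client": client, "addr": addr, "session_key": sk,
                                  "start": now, "end": now + TICKET_LIFETIME})
        return seal(self.users[client], {"session_key": sk, "tgt": tgt.hex()})

    def tgs_exchange(self, tgt_blob, authenticator, service, now):
        tgt = unseal(self.tgs_key, tgt_blob)
        _check_time(tgt, now)
        auth = unseal(bytes.fromhex(tgt["session_key"]), authenticator)
        _check_authenticator(auth, tgt, now)
        svc_sk = os.urandom(32).hex()
        ticket = seal(self.service_keys[service],
                      {"client": tgt["client"], "addr": tgt["addr"], "session_key": svc_sk,
                       "start": now, "end": now + TICKET_LIFETIME})
        return seal(bytes.fromhex(tgt["session_key"]),
                    {"session_key": svc_sk, "ticket": ticket.hex()})


class Service:
    def __init__(self, key):
        self.key = key

    def verify(self, ticket_blob, authenticator, now):
        ticket = unseal(self.key, ticket_blob)
        _check_time(ticket, now)
        auth = unseal(bytes.fromhex(ticket["session_key"]), authenticator)
        _check_authenticator(auth, ticket, now)
        return ticket["client"]


def login_and_access(kdc, service, name, password, addr, service_name,
                     server_clock, client_clock, service_clock=None):
    """Whole client-side flow; returns the principal the service accepted or raises.
    Separate clocks make the skew and expiry failures from the text reproducible."""
    service_clock = server_clock if service_clock is None else service_clock
    as_rep = unseal(password_key(password), kdc.as_exchange(name, addr, server_clock))
    tgs_key = bytes.fromhex(as_rep["session_key"])
    auth1 = seal(tgs_key, {"client": name, "timestamp": client_clock})
    tgs_rep = unseal(tgs_key, kdc.tgs_exchange(bytes.fromhex(as_rep["tgt"]), auth1,
                                               service_name, server_clock))
    svc_key = bytes.fromhex(tgs_rep["session_key"])
    auth2 = seal(svc_key, {"client": name, "timestamp": client_clock})
    return service.verify(bytes.fromhex(tgs_rep["ticket"]), auth2, service_clock)


if __name__ == "__main__":
    fs_key = os.urandom(32)
    kdc = KDC({"angela": "correct horse"}, {"host/fileserver": fs_key})
    t = 1_700_000_000
    print(login_and_access(kdc, Service(fs_key), "angela", "correct horse",
                           "10.0.0.5", "host/fileserver", t, t))
```

A wrong password surfaces as a ValueError when the client tries to unseal the AS reply; a client clock more than MAX_SKEW seconds away from the KDC clock, or a ticket presented after its validity period, surfaces as a PermissionError. Those are the same failure modes the section attributes to strict time requirements and limited ticket lifetimes.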

3.3 IPv6

IPv6 is an acronym for Internet Protocol Version Six, which is a modification of IPv4. It has already been noted that during the development of TCP/IP security was not a concern; therefore the challenges of authentication within IPv4 have been considered in the newer version of the protocol. It attempts to address security, routing and the exhaustion of address space, which are the current problems in IPv4. It promises to provide authentication and encryption on the internet and could solve many of the existing problems with TCP/IP. (Wikipedia, 2011)

IPv6 includes two extension headers that serve as security options: the authentication header and the encryption header. The authentication header allows the recipient to ascertain the identity of the sender, and the encryption header ensures that only the recipient is able to look at the contents of the message. These two options use what is termed a security association, in which the sender and the receiver agree on parameters such as the key, the authentication or encryption algorithm and the lifetime of the key. (Joseph Davies, 2008)
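The following Python program is an added illustration of the authentication header and the security association described above; it is not from the report or from any IPv6 stack. It keeps the real AH layout (next header, payload length, SPI, sequence number, integrity check value) and the real rule that mutable IPv6 header fields are treated as zero when the integrity value is computed, but reduces everything else to what the idea needs: a table of security associations holding the agreed key, algorithm and lifetime, a sender that protects a payload, and a receiver that refuses a packet whose SA has expired, whose sequence number was already seen, or whose contents no longer match the integrity value. The addresses, SPI, key and times are constructed values.

```python
"""Simplified IPv6 Authentication Header (AH) over a security association table.
Added illustration, not the report's material and not a complete IPsec implementation."""
import hashlib
import hmac
import ipaddress
import struct
from dataclasses import dataclass

AH_NEXT_HEADER = 51        # IANA protocol number that marks an AH extension header
ICV_LEN = 16               # HMAC-SHA-256-128 truncates the MAC to 128 bits
AH_LEN = 12 + ICV_LEN + 4  # fixed fields + ICV + padding to a 64-bit boundary (IPv6)


@dataclass
class SecurityAssociation:
    """What sender and receiver agreed on: identifier, key, algorithm and lifetime."""
    spi: int
    key: bytes
    algorithm: str      # only "hmac-sha256-128" is implemented in this example
    expires_at: int     # absolute time in seconds; the SA must not be used after this
    last_seq: int = 0   # highest sequence number handled, used to reject replays


def _ipv6_header(src, dst, payload_len, next_hdr, hop_limit):
    first_word = 6 << 28  # version 6; traffic class and flow label left at zero
    return struct.pack(">IHBB16s16s", first_word, payload_len, next_hdr, hop_limit,
                       ipaddress.IPv6Address(src).packed, ipaddress.IPv6Address(dst).packed)


def _icv(sa, ip_hdr, ah_fixed, payload):
    if sa.algorithm != "hmac-sha256-128":
        raise ValueError("unsupported algorithm in SA")
    # Fields routers may change in transit (traffic class, flow label, hop limit) count as
    # zero, and the ICV field itself is zero while the MAC is computed.
    first_word = struct.unpack(">I", ip_hdr[:4])[0] & 0xF0000000
    immutable = struct.pack(">I", first_word) + ip_hdr[4:7] + b"\x00" + ip_hdr[8:]
    covered = immutable + ah_fixed + b"\x00" * (AH_LEN - 12) + payload
    return hmac.new(sa.key, covered, hashlib.sha256).digest()[:ICV_LEN]


def ah_protect(sa, src, dst, next_hdr, payload, now):
    """Sender side: emit an IPv6 packet whose AH lets the receiver authenticate it."""
    if now > sa.expires_at:
        raise ValueError("SA lifetime exceeded; a new SA must be negotiated")
    sa.last_seq += 1
    ah_fixed = struct.pack(">BBHII", next_hdr, AH_LEN // 4 - 2, 0, sa.spi, sa.last_seq)
    ip_hdr = _ipv6_header(src, dst, AH_LEN + len(payload), AH_NEXT_HEADER, 64)
    icv = _icv(sa, ip_hdr, ah_fixed, payload)
    return ip_hdr + ah_fixed + icv + b"\x00" * (AH_LEN - 12 - ICV_LEN) + payload


def ah_verify(sa_table, packet, now):
    """Receiver side: return (next_header, payload) or raise ValueError with the reason."""
    ip_hdr, rest = packet[:40], packet[40:]
    if ip_hdr[6] != AH_NEXT_HEADER:
        raise ValueError("packet carries no authentication header")
    ah_fixed, icv, payload = rest[:12], rest[12:12 + ICV_LEN], rest[AH_LEN:]
    next_hdr, _, _, spi, seq = struct.unpack(">BBHII", ah_fixed)
    sa = sa_table.get(spi)
    if sa is None:
        raise ValueError("no security association for this SPI")
    if now > sa.expires_at:
        raise ValueError("security association has expired")
    if seq <= sa.last_seq:
        raise ValueError("sequence number already seen: replayed packet")
    if not hmac.compare_digest(icv, _icv(sa, ip_hdr, ah_fixed, payload)):
        raise ValueError("integrity check failed: wrong key or modified packet")
    sa.last_seq = seq
    return next_hdr, payload


if __name__ == "__main__":
    key = b"\x11" * 32  # constructed shared key agreed during SA setup
    tx = SecurityAssociation(0x1001, key, "hmac-sha256-128", expires_at=2000)
    rx = SecurityAssociation(0x1001, key, "hmac-sha256-128", expires_at=2000)
    pkt = ah_protect(tx, "2001:db8::1", "2001:db8::2", 17, b"hello", now=1000)
    print(ah_verify({rx.spi: rx}, pkt, now=1000))
```

The receiver identifies the sender only through the key bound to the SPI in its SA table, which is the "identity of the sender" guarantee the text attributes to the authentication header; the lifetime check is where the agreed key lifetime takes effect. Confidentiality is deliberately absent: that is the job of the encryption header, which this example does not model.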


Recommendation

According to the discussion in the previous chapters, the researchers recommend that network and internet users adopt the available add-ons, such as firewalls, Kerberos and others, to ensure security over their networks. Since technology grows every second, network users should be in a position to obtain the latest information, so that their ignorance is not exploited by malicious people to accomplish their missions. For example, IPv6 will soon be implemented; network users should be in a position to adapt to such technologies and to any other mechanism that may be developed to curb insecurity on networks.

Conclusion

Despite all the loopholes, weaknesses and insecurity observed in TCP/IP, the protocol is not totally insecure. There are a number of add-ons and mechanisms employed to keep TCP/IP usable, since it is a standard protocol. This has extended to using the protocol together with many other protocols, for example ICMP, SSL and UDP. All this keeps the protocol usable and operating even on networks with the worst security.


References

1. http://www.wiki.ask.com/Firewall_%28computing%29, accessed on 1/10/2011 at 2:30 pm
2. http://www.en.wikipedia.org/wiki/Stateful_firewall, accessed on 1/10/2011 at 2:30 pm
3. http://www.en.wikipedia.org/wiki/Denial-of-service_attack, accessed on 9/10/2011 at 4:00 pm
4. http://www.techexams.net/technotes/securityplus/attacks.shtml, accessed on 8/10/2011 at 10:00 am
5. http://www.en.wikipedia.org/wiki/IPv6, accessed on 9/10/2011 at 4:00 pm
6. Joseph Davies, Understanding IPv6, Second Edition, January 09, 2008
7. Massachusetts Institute of Technology, http://www.web.mit.edu/Kerberos/, accessed on 3/10/2011 at 11:00 am
8. http://www.en.wikipedia.org/wiki/Kerberos_%28protocol%29, accessed on 3/10/2011 at 11:00 am
9. Damon Reed, Applying the OSI Seven Layer Network Model To Information Security, November 21, 2003
10. Chris Chambers, Justin Dolske and Jayaraman Iyer, TCP/IP Security, Ohio State University, Columbus, Ohio 43210