This occurs when a server happens to receive more connection requests that are incomplete and that it cannot possibly handle. This kind of attack's source code were released in 2006 by 2600 and Phracks two well-known underground hacker magazines. The second threat is IP Spoofing which is an attack which involves the impersonation of a legitimate host user at the IP layer. The third one is sequence number attack. The third one is TCP session hijacking. The third threat is denial of service attacks Security strategies to address various threats that are addressed by IPSec that users who use unsecured TCP/IP face
In order to ensure that users of unsecured TCP/IP don't fall victims to the threats outlined above, the following strategies must be employed;
Countering SYN Flooding:
The ISPs that are responsible for the IP packets must block the non-internal addresses that are responsible for the flooding. The attacker would then be forced to use official IP source to send the packets which can be used to trace them (via server audit logs).The lack of anonymity would then deter the would-be attackers from launching the SYN Floods. The other one preventive measure is to use make changes to the network aspects of a given operating system and also the inclusion of intrusion detection tools (Rodgers, 2001).
Countering IP spoofing:
Changing of the routing tables of the routers and gateways of the spoofed routing tables by means of protocols such as BGP4,RIP (Rodgers, 2001).
Methods of configuring the IPSec securities policies
There are basically two methods. These are transport mode and tunnel mode They are described by Ferguson, Poulton and Barrett (2004) as follows:
IPSec can effectively be used in the transport mode in order to secure communication happening between two workstations that are ion the same network. The arrangement can either be a server-to-client or a server-to-server communication. Then IPSec gives an end-to-end surety on the basis of the encryption setting and the authentication that is applied (Ferguson, Poulton and Barrett, 2004).
IPSec is used in this mode so as to secure communication taking place between two separate networks (Ferguson, Poulton and Barrett,2004).
Encrypting File Services
The Encrypting File Services is a technology that is used to encrypt files in the file systems of various Operating Systems such as Windows 2000, Windows Server 2003, Windows Server 2008 and Windows XP (Microsoft, 2010).It names use symmetric and asymmetric key cryptography.
How Windows Server 2008 use public and private key encryption.
Windows Server 2008 uses public key encryption (an asymmetrical cryptography) through the use of keys that can be publicly transferred and then used in the encryption and decryption of the message. The private key is noted to be with the creator for the purpose of decrypting the message.
Private key encryption in Windows Server 2008 makes use of symmetric cryptography .A single key is used to encrypt as well as to decrypt a particular message. This therefore requires the sending of the key itself from the sender of the message to the receiver (Windows2008serveradmintools, 2008).
It is important that TCP/IP be effectively used in order to configure a given network since traditionally it has been considered to be an unsecure protocol. Other methods should therefore be employed in order to ensure that data integrity is assured.