Lecture 12: Networking Attacks: TCP and DHCP
If an attacker spoofs a packet to a victim, where would the victim's reply be sent to?
On-path vs. Off-path Spoofing
Which type of attacker is more powerful: on-path, off-path, or neither is strictly stronger than the other?
TCP RST Injection
TCP Data Injection
What obstacles does an on-path attacker need to overcome to inject data into a TCP connection?
TCP Off-path Attacks
In a blind spoofing attack, does the off-path attacker need to guess the sequence number or the acknowledgement number when sending the ACK part of the handshake?
Summary of TCP Security Issues
Host Names vs. IP Addresses
Which of the four messages in the DHCP handshake are broadcast? Why do we need to broadcast these?
What type(s) of attacker can execute an attack on DHCP, and what type of attacker do they become after successfully executing the attack?