Lecture 12: Networking Attacks: TCP and DHCP



If an attacker spoofs a packet to a victim, where would the victim's reply be sent to?

On-path vs. Off-path Spoofing

Which type of attacker is more powerful: on-path, off-path, or neither is strictly stronger than the other?

TCP RST Injection

TCP Data Injection

What obstacles does an on-path attacker need to overcome to inject data into a TCP connection?

TCP Off-path Attacks

In a blind spoofing attack, does the off-path attacker need to guess the sequence number or the acknowledgement number when sending the ACK part of the handshake?

Summary of TCP Security Issues

Host Names vs. IP Addresses


Which of the four messages in the DHCP handshake are broadcast? Why do we need to broadcast these?

DHCP Threats

What type(s) of attacker can execute an attack on DHCP, and what type of attacker do they become after successfully executing the attack?