TCP/IP stands for Transmission Control Protocol/Internet Protocol. It is commonly known as the "Internet Protocol" because all major networking devices and the Internet communicate using this protocol. The use of TCP/IP as the default communication standard for the Internet did not come without controversy, as Internet Protocol was adopted more out of its practical presence than by its sophisticated design. TCP/IP has innate security disadvantages that must be considered before choosing a network that uses this protocol.
SYN Attacks
Video of the Day
The Internet Protocol uses a three-way handshake system. Under this system the user contacts a server, which then sends a response back to the user asking the user to confirm the connection. The computer hosting the connection must then wait 75 seconds to receive a response to the acknowledgment, to compensate for network slowdown. SYN attacks work by sending the first request but not the second over and over again. This monopolizes the computer's resources, causing other legitimate connections to fail.
Video of the Day
Sequence Manipulation
The Internet Protocol keeps packets of information in sequence. If a user goes offline, either by a malicious user's designs or other means, any computers it is currently communicating with will close the connection if a response without the proper sequence number is received. If a user intercepts these messages he can discern the ID number and respond as the user, resulting in communication with the machine being hijacked. This can cause theft of important data.
Amorphous Identification
The Internet Protocol was designed to only allow a single connection at a time and to have this connection be routed to a definite user. As the Internet has progressed and IP address space becomes increasingly precious, this address space is no longer dedicated and is usually assigned among a pool of users. This lack of unique identification makes it hard to verify a user and adds to the complexity of an application's security by removing trust in the identity of the user.
DNS Flaws
The Domain Name Service (DNS) is a way of looking up the IP address of a domain name. Internet Protocol can only communicate to IP addresses, requiring Internet communication to occur through a DNS server maintained by your Internet Service Provider. This flaw can be exploited by redirecting domain names to different IP addresses.