TCP/IP vulnerabilities (Layer wise)
1. Application Layer Vulnerabilities
Description
This layer provides services like HTTP, FTP, SMTP, DNS, etc. It is most exposed to users, hence highly vulnerable.
Common Attacks
- Malware Attacks
- Viruses, worms, trojans embedded in applications
- Phishing Attacks
- Fake websites or emails to steal credentials
- SQL Injection
- Malicious queries to manipulate databases
- Cross-Site Scripting (XSS)
- Injecting scripts into web pages
- DNS Spoofing
- Redirecting users to fake websites
2. Transport Layer Vulnerabilities
Description
Responsible for end-to-end communication using TCP and UDP.
Common Attacks
- TCP SYN Flood Attack
- Flooding server with connection requests → resource exhaustion
- Session Hijacking
- Attacker takes over active session
- Port Scanning
- Identifying open ports for exploitation
- UDP Flood Attack
- Sending large number of UDP packets
3. Internet Layer Vulnerabilities
Description