Implementación de mecanismos de control aplicables a una red que mitiguen el secuestro de sesiones en el protocolo tcp

Abstract

TCP Transmission Control Protocol is a secure protocol that controls that all transmitted data are free of errors and are received in the same order in which they were sent. If there is a failure in the transmission of data, it uses mechanisms so that they are forwarded and reach their destination. The problem of this work focused on the shortcomings of the TCP protocol in the sending of datagrams from one terminal to another, given that the information is decrypted, being vulnerable to attacks of IP address spoofing, session hijacking, ARP poisoning. , among others. Due to this, two scenarios of simulation of attacks in a virtualized environment were raised using the GNS3 and VirtualBox tools to emulate the creation of virtual hosts and the design of a data network; Then we proceeded to use the Ettercap, Wireshark and Netwox tools to perform blind session seizure attacks, not blind and TCP reset. The controls were implemented at the client's host level through the modification of the ARP table and at the server level, the iptables were configured to eliminate the RST packets that enter the connection, thereby preventing the session from being closed. By implementing the control mechanisms in the network it was evident that these attacks did not affect its operation.