The Dark Side of SYN Cookies: Port Scanning Vulnerability Enabled

dc.contributor.advisor Maccari, Leonardo it_IT
dc.contributor.author Da Rodda, Enrico <1997> it_IT
dc.date.accessioned 2024-02-19 it_IT
dc.date.accessioned 2024-05-08T12:14:10Z
dc.date.available 2024-05-08T12:14:10Z
dc.date.issued 2024-03-27 it_IT
dc.identifier.uri http://hdl.handle.net/10579/25999
dc.description.abstract SYN Cookies are a network security countermeasure against a specific DoS attack, SYN flooding. Unfortunately, this countermeasure violates the TCP protocol: it cannot store all the necessary information about connection requests, and so breaks some functionality. This behaviour is generally accepted because it still allows a valuable service to be provided to legitimate users, but what if this solution could be exploited to gather additional information about which web resources users are granted access to? This project aims to identify a port scanning vulnerability enabled by the use of SYN Cookies, which, by construction, are not able to store all the necessary information/parameters of connection requests. As a result, the values of the additional parameters fall back to their defaults, which allows the activation state of SYN Cookies to be identified. This reveals more than one might expect: in particular, it makes it possible to infer the firewall rules applied to specific IP addresses (and related subnets), and so to understand which services external users can access. This scenario will be analysed programmatically, making the experiment reproducible and providing empirical and numerical evidence of the above-mentioned vulnerability. it_IT
dc.language.iso en it_IT
dc.publisher Università Ca' Foscari Venezia it_IT
dc.rights © Enrico Da Rodda, 2024 it_IT
dc.title The Dark Side of SYN Cookies: Port Scanning Vulnerability Enabled it_IT
dc.title.alternative The Dark Side of SYN Cookies: Port Scanning Vulnerability Enabled it_IT
dc.type Master's Degree Thesis it_IT
dc.degree.name Informatica - computer science it_IT
dc.degree.level Master's degree it_IT
dc.degree.grantor Dipartimento di Scienze Ambientali, Informatica e Statistica it_IT
dc.description.academicyear 2022/2023 - extraordinary session it_IT
dc.rights.accessrights openAccess it_IT
dc.thesis.matricno 869042 it_IT
dc.subject.miur INF/01 INFORMATICA it_IT
dc.description.note it_IT
dc.degree.discipline it_IT
dc.contributor.co-advisor it_IT
dc.date.embargoend it_IT
dc.provenance.upload Enrico Da Rodda (869042@stud.unive.it), 2024-02-19 it_IT
dc.provenance.plagiarycheck Leonardo Maccari (leonardo.maccari@unive.it), 2024-03-04 it_IT
