ids – What happens if a sender changes the TCP window size over multiple packets that have the same ACK number?

I’m currently doing research on evasion attacks that seek to bypass a Deep-learning based Network Intrusion Detection System.

In order to achieve this, I need to know what the constraints are for the TCP window size field in the TCP packet header. Imagine a client has just sent the last TCP-ACK packet to a server in order to complete the 3-way handshake. He then immediately proceeds to send a GET request to the server (these 2 packets are thus sent one after the other, and contain the same ACK-number).

What happens if the TCP window size in the TCP-ACK packet does not match the window size in the TCP packet containing the GET request? Will the receiver simply observe the last value for the window size that he obtained? Or will there be a violation in the TCP protocol in any way? You can assume that the change in window size is very small, and will not cause the buffer to be full.

More generally, if the client sends N uninterrupted packets (e.g. a heavy-load POST request), can he change the window size in each packet header without repercussions?

Can TLS defeat the manipulation of TCP sequence numbers?

Assuming there is a powerful adversary who can arbitrarily manipulate the sequence number of each tcp packet, then the following packet-reorder attack should be possible, right?

Assuming the packet the attacker wants to disorder has the tcp sequence number n, he first allows the n+1, n+2, …, n+m packets to be sent out but modifies the sequence-number fields to use numbers n, n+1, …, n + m -1. Finally, the attacker uses the sequence number n+m to send the detained packet.

Is the attack still possible when TLS/SSL is used?

c# – How can a TCP server application handle reconnects in response to stale connections?

The main loop of basic server looks like this currently:

            ConcurrentDictionary<EndPoint,Connection> connections = new ConcurrentDictionary<EndPoint, Monitor>();

            tcpListener = new TcpListener(IPAddress.Any, config.Port);
            tcpListener.Start();
            while (true)
            {
                var client = await tcpListener.AcceptTcpClientAsync();
                HandleNewConnection(client);
            }

    private void HandleNewConnection(TcpClient client)
    {
        var key = client.Client.RemoteEndPoint;
        var connection = new Connection(client);
        connections(key) = connection;
        //run the connection client/server stuff, basically just Reads in a loop
        _ = connection.MonitorAsync();
    }

There are two specific cases I want to handle:

  1. The connection is lost. This seems fairly easy, doing something like _ = connection.MonitorAsync().ContinueWith( () => connections.Remove(key) ?
  2. A new connection comes in from an existing client. TCP connections are not great at detecting faults unless you write to them, so it’s quite plausible a client could try to send data, detect a problem, drop the connection, and reconnect – and my server thinks the connection is still valid. The first it knows is a new connection comes in from a client it thinks is already connected.

In 2. it is conceptually quite simple that we look-up the existing connection from the same client endpoint, terminate it and store a Connection into connections.

But now if I’m not careful my continuation from 1. will kick in after 2, and remove the new element from the dictionary.

There must be a neat pattern but I keep tying myself in knots trying to figure it out. Servers must handle this situation all the time and need to be accurate not to accrue a huge pile of dead connection objects. What would be a normal way to handle this, other than a more stateless approach where Connections doesn’t exist?

computer networks – Slotted Aloha & TCP protocol

Thanks for contributing an answer to Computer Science Stack Exchange!

  • Please be sure to answer the question. Provide details and share your research!

But avoid

  • Asking for help, clarification, or responding to other answers.
  • Making statements based on opinion; back them up with references or personal experience.

Use MathJax to format equations. MathJax reference.

To learn more, see our tips on writing great answers.

c++ – Sending float over TCP

I need to send a series of floats over a TCP socket.

Firstly, is it safe to assume that most platforms (e.g off the shelf Windows PC/Laptop) and architectures represent floats in the same way (i.e IEEE 754)?

If so, I was thinking of doing something like this:

float a = 29.054;
int* b = reinterpret_cast<int*>(&a);

//Store in byte array

Would this work?

design – How to structure client/server TCP c++ code?

I am trying to learn more about distributed systems and have set up a small tcp client server example.

At the moment i am using boost and working through the examples on the boost website.

I am at the stage where i am trying to build a structure for TCP communications and was looking for advice.

I have a basic idea that i should deal in requests and request reply but its the actual structure i am new too.

I dont want somewhere in my code for there to be a massive if or switch statement.

Any ideas? Book recommendations are appreciated.

computer networks – Why NAT is a disadvantage when TCP source port field is 16 bits?

Here is an excerpt from Andrew S. Tanenbaum, Computer Networks, 5th edition, Chapter 5 (The Network layer), Page 455:

enter image description here

My question is on the second paragraph. From what I understand, basically this part talks disadvantage of using NAT(Network Address Translation). I don’t understand what second paragraph is trying to say about disadvantage of using NAT because it seems to me that the second paragraph is saying about benefit of using NAT because by using NAT, we can solve the problem of depletion of IP address.

Can anyone explain to me what the second paragraph is trying to convey?

How to avoid password TCP message sniffing and subsequent hijacking

I’m developing a TCP Streaming API for “IoT” devices in LabView.

The TCP Server will be listening to a certain port, and our devices will try to connect to it. In order to know that the connecting client is from our company, all our servers and clients will share a private key and a password. When the client connects successfully to the socket, it will send the secret password cyphered in AES256 with the private key.

But what prevents an attacker from sniffing a client’s credentials message and resend as it is to the server to gain access? Cyphering doesn’t protect that.

ubuntu – TCP handshake failed after forward LAN connection through VPN

We have some secured web services(including websites) that are only accessible when connected to a VPN provided by the service owner. Since the VPN account is only allowed to be connected by one user at a time, we planned to configure one of our machines in our LAN to be the gateway to handle the traffic towards the secured service.

  1. The VPN is connected via OpenConnect client on a machine running Ubuntu 18.04 bionic.

    It was verified proper route was added automatically after VPN is connected and we can get ping responses from the secured server address, we can also curl the content of the secured website.

  2. The interface of VPN is tun0, the interface of LAN is eth0

    We run the following command to enable LAN forward:

    sysctl net.ipv4.ip_forward

    iptables -A INPUT -i tun0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    iptables -A FORWARD -i eth0 -o tun0 -j ACCEPT

    iptables -A FORWARD -i tun0 -o eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    iptables -t nat -I POSTROUTING -o tun0 -d <secured_host> -j MASQUERADE

  3. We then added a static route to our router to set the next-hop of traffic to the secured service to be the machine running the VPN.

  4. When testing from other machines in the LAN, we can now get ping response from the secured server, but we cannot open the website in a browser. If we tried to curl from the secured server, we got:

    curl: (35) schannel: failed to receive handshake, SSL/TLS connection failed(curl from windows CMD)

  5. Checking tcpdump on the machine running VPN shows:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
04:14:51.058123 IP <LAN_machine>.53902 > <secured_host>.https: Flags (SEW), seq 2060814575, win 64240, options (mss 1418,nop,wscale 8,nop,nop,sackOK), length 0
04:14:51.073952 IP <secured_host>.https > <LAN_machine>.53902: Flags (S.), seq 1469838894, ack 2060814576, win 4254, options (mss 1460,sackOK,eol), length 0
04:14:51.074936 IP <LAN_machine>.53902 > <secured_host>.https: Flags (.), ack 1, win 64240, length 0
04:14:51.077473 IP <LAN_machine>.53902 > <secured_host>.https: Flags (P.), seq 1:190, ack 1, win 64240, length 189
04:14:51.106822 IP <secured_host>.https > <LAN_machine>.53902: Flags (.), ack 190, win 4443, length 0
04:15:01.106027 IP <secured_host>.https > <LAN_machine>.53902: Flags (R.), seq 4255, ack 190, win 0, length 0
04:15:01.107200 IP <LAN_machine>.53902 > <secured_host>.https: Flags (.), ack 1, win 64240, length 0
04:15:01.122306 IP <secured_host>.https > <LAN_machine>.53902: Flags (R.), seq 1, ack 190, win 0, length 0

What else should I do to make things work? Many thanks in advance.

c – Is my concurrent tcp server correct?

So i’ve made a concurrent server that transferes files with socket programming by using fork(), and made a client to connect to a known localhost and ask for a txt. that is in a file. Then the server sends the file to the client that will be then saved locally. This is for a project at college and i’ve been getting feedback that my fork() function in my server isn’t correct and it shouldn’t work, but for me it works just fine? Please have a look.

Server:

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <arpa/inet.h>

#define SIZE 1024

void send_file(FILE *fp, int sockfd){
  int n;
  char data(SIZE) = {0};

  while(fgets(data, SIZE, fp) != NULL) {
    if (send(sockfd, data, sizeof(data), 0) < 0) {
      perror("(-)Error in sending file.");
      exit(1);
    }
    bzero(data, SIZE);
  }
  return;
}

int main(){
  // ip address and port
  char *ip = "127.0.0.1";
  int port  = 8888;

  // variables and structures
  int e;
  int sockfd, new_sock;
  struct sockaddr_in server_addr, new_addr;
  socklen_t addr_size;
  char buffer(SIZE);
  pid_t childpid;

  FILE *fp;
  char *filepath;

  // 1. creating the socket
  sockfd = socket(AF_INET, SOCK_STREAM, 0);
  if(sockfd < 0){
    perror("(-)Error in socket");
    exit(1);
  }
  printf("(+)Server socket created.n");

  // 2. writing the data in the structure
  server_addr.sin_family = AF_INET;
  server_addr.sin_addr.s_addr = inet_addr(ip);
  server_addr.sin_port = port;

  // 3. binding the ip address with the port
  addr_size = sizeof(server_addr);
  e = bind(sockfd, (struct sockaddr*)&server_addr, addr_size);
  if (e < 0){
    perror("(-)Error in bind");
    exit(1);
  }
  printf("(+)Binding successfull.n");

  // 4. listening to the clients
  e = listen(sockfd, 10);
  if (e < 0) {
    perror("(-)Error in listen");
    exit(1);
  }
  printf("(+)Listening...n");

  // 5. accepting the client connection.

  while (1){
    addr_size = sizeof(new_addr);
    new_sock = accept(sockfd, (struct sockaddr*)&new_addr, &addr_size);
    if (new_sock < 0){
      perror("(-)Error in accpet");
      exit(1);
    }
    printf("Connection accepted from %s:%dn", inet_ntoa(new_addr.sin_addr), ntohs(new_addr.sin_port));

    childpid = fork();
    if (childpid == 0){
      close(sockfd);

      while(1){
        recv(new_sock, buffer, SIZE, 0);

        if (strcmp(buffer, "LIST") == 0){
          // send the list of filenames.
          bzero(buffer, SIZE);
          strcpy(buffer, "data.txtnhello.txt");
          send(new_sock, buffer, SIZE, 0);
          bzero(buffer, SIZE);
        }

        else if (strcmp(buffer, "QUIT") == 0){
          // connection disconnected.
          printf("Connection disconnected from %s:%dn", inet_ntoa(new_addr.sin_addr), ntohs(new_addr.sin_port));
          break;
        }

        else {
          // received the filename, send the file data.
          if (strcmp(buffer, "data.txt") == 0){
            filepath = "server_files/data.txt";
            fp = fopen(filepath, "r");
            send_file(fp, new_sock);
          }

          else if (strcmp(buffer, "hello.txt") == 0) {
            filepath = "server_files/hello.txt";
            fp = fopen(filepath, "r");
            send_file(fp, new_sock);
          }

          bzero(buffer, SIZE);
          send(new_sock, "", 1, 0);
          bzero(buffer, SIZE);
        }

      }
    }

  }

}

Client:

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <arpa/inet.h>

#define SIZE 1024

void remove_char(char *s, int c){
  /* This function is used to remove a character from the character array. */
  int j, n = strlen(s);
  for (int i=j=0; i<n; i++)
    if (s(i) != c){
      s(j++) = s(i);
    }
    s(j) = '';
}

void write_file(char *filepath, int sockfd){
  int n;
  FILE *fp;
  char buffer(SIZE);

  fp = fopen(filepath, "w");
  if (fp == NULL) {
    perror("(-)Error in creating file");
    exit(1);
  }

  while (1) {
    n = recv(sockfd, buffer, SIZE, 0);
    if (n == 1) {
      break;
      return;
    }

    fprintf(fp, "%s", buffer);
    fflush(fp);
    bzero(buffer, SIZE);
  }
  return;
}

int main(){
  // ip address and port
  char *ip = "127.0.0.1";
  int port = 8888;

  // variables and structures,
  int e;
  int sockfd;
  struct sockaddr_in server_addr;
  char buffer(SIZE);
  char *filepath;

  // 1. creating the socket
  sockfd = socket(AF_INET, SOCK_STREAM, 0);
  if(sockfd < 0){
    perror("(-)Error in socket");
    exit(1);
  }
  printf("(+)Client socket created.n");

  // 2. writing the data in the structure
  server_addr.sin_family = AF_INET;
  server_addr.sin_addr.s_addr = inet_addr(ip);
  server_addr.sin_port = port;

  // 3. connect to the server
  e = connect(sockfd, (struct sockaddr*)&server_addr, sizeof(server_addr));
  if(sockfd < 0){
    perror("(-)Error in connect");
    exit(1);
  }
  printf("(+)Connected to the servern");

  printf("n");
  printf("List of the commands.n");
  printf("LIST - list all the files.n");
  printf("LOAD - download the file.n");
  printf("       LOAD <path>n");
  printf("QUIT - disconnect from the server.n");

  while(1){
    fflush(stdout);
    printf("> ");
    fgets(buffer, SIZE, stdin);

    if (strlen(buffer) > 1){
      char *token1 = strtok(buffer, " ");
      char *token2 = strtok(NULL, " ");
      remove_char(token1, 'n');

      if (strcmp(token1, "LIST") == 0) {
        // list all the file of the server.
        send(sockfd, buffer, SIZE, 0);
        recv(sockfd, buffer, SIZE, 0);
        printf("%sn", buffer);
      }

      else if (strcmp(token1, "LOAD") == 0) {
        if (token2 == NULL) {
          printf("(-)Specify the correct filename.n");
        } else {
          // save the data of the file received from the server.
          remove_char(token2, 'n');
          send(sockfd, token2, SIZE, 0);

          if (strcmp(token2, "data.txt") == 0){
            filepath = "client_files/data.txt";
            write_file(filepath, sockfd);
            printf("(+)File saved.n");
          }

          else if (strcmp(token2, "hello.txt") == 0) {
            filepath = "client_files/hello.txt";
            write_file(filepath, sockfd);
            printf("(+)File saved.n");
          }

          else {
            printf("Incorrect pathn");
          }
        }
      }

      else if (strcmp(token1, "QUIT") == 0) {
        // disconnect from the server.
        printf("(+)Disconnected from the server.n");
        send(sockfd, token1, SIZE, 0);
        break;
      }

      else {
        printf("(-)Invalid commandn");
      }
    }

    bzero(buffer, SIZE);
  }

}