Transport Layer Protocols and Known Security Issues

Description

The basic function of the transport layer is to accept data from above it, split it up into smaller units if need be, pass these to the network layer, and ensure that the pieces all arrive correctly at the other end. Furthermore, all this must be done efficiently and in a way that isolates the upper layers from the inevitable changes in the hardware technology over the course of time. The transport layer also determines what type of service to provide to the session layer, and, ultimately, to the users of the network. The most popular type of transport connection is an error-free point-to-point channel that delivers messages or bytes in the order in which they were sent.

Network Data Unit

Segment

An application data stream can be broken into segments. Each segment is carried in a datagram, and the segments are then reassembled into the original application stream at the receiving end. This is typically done by the TCP layer. In TCP, then, the application stream is carried over TCP segments, which are carried over IP datagrams, which are carried over data-link frames. In UDP there is no segmentation, so each UDP datagram maps one-to-one onto an IP datagram.
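The segmentation and reassembly described above, as an added Python example that is not part of the original page: a byte stream is split into sequence-numbered segments and rebuilt from segments that arrive out of order, duplicated, or with one missing. The segment size, initial sequence number, function names and sample request are assumptions made for illustration; real TCP also carries ports, flags, windows and checksums, which are left out here.

```python
import random

MSS = 8      # assumed tiny maximum segment size so the sample splits into several segments
ISN = 1000   # assumed initial sequence number (real stacks pick an unpredictable one)
SAMPLE = b"GET /index.html HTTP/1.1\r\n"  # constructed application data


def segment(stream: bytes, mss: int = MSS, isn: int = ISN):
    """Split an application byte stream into (sequence number, payload) segments."""
    return [(isn + off, stream[off:off + mss]) for off in range(0, len(stream), mss)]


def reassemble(segments, isn: int = ISN):
    """Rebuild the stream from segments received in any order.

    Returns (data, complete). Exact duplicates are absorbed, a segment whose
    bytes disagree with data already buffered raises ValueError, and only the
    contiguous bytes before the first gap are delivered.
    """
    buffered = {}  # sequence number -> byte value
    for seq, payload in segments:
        for i, value in enumerate(payload):
            pos = seq + i
            if pos in buffered and buffered[pos] != value:
                raise ValueError(f"conflicting data at sequence {pos}")
            buffered[pos] = value
    out = bytearray()
    nxt = isn
    while nxt in buffered:          # deliver in order, stop at the first hole
        out.append(buffered[nxt])
        nxt += 1
    complete = (nxt - isn) == len(buffered)  # False if bytes are stranded after a gap
    return bytes(out), complete


if __name__ == "__main__":
    segs = segment(SAMPLE)
    arrived = segs + [segs[0]]           # one duplicate, as after a retransmission
    random.Random(7).shuffle(arrived)    # out-of-order arrival
    print(reassemble(arrived))
    lossy = [s for s in segs if s[0] != ISN + MSS]  # second segment never arrives
    print(reassemble(lossy))
```

With a segment missing, only the bytes before the gap are handed to the application, which is the in-order delivery guarantee the description refers to.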

Main Security Issues

  • Fingerprinting
  • Information Gathering (Scanning)
  • Interception
  • Downgrade Attacks
  • Cryptographic Attacks
  • Data Spoofing
  • Denial of Service (DoS)
  • Remote Code Execution (Protocol CVE)

Protocol Examples

This list shows some protocols that are commonly placed in the transport layers of the Internet protocol suite, the OSI protocol suite, NetWare’s IPX/SPX, AppleTalk, and Fibre Channel.

Transport Layer OpSec

This is quite in-depth and will be posted in a special blog on securing layer 4.