Question
In this problem we investigate whether either UDP or TCP provides a degree of end-point authentication.
a. Consider a server that receives a request within a UDP packet and responds to that request within a UDP packet (for example, as done by a DNS server). If a client with IP address X spoofs its address with address Y, where will the server send its response?
b. Suppose a server receives a SYN with IP source address Y, and after responding with a SYNACK, receives an ACK with IP source address Y with the correct acknowledgment number. Assuming the server chooses a random initial sequence number and there is no “man-in-the-middle,” can the server be certain that the client is indeed at Y (and not at some other address X that is spoofing Y)?
Answer
a) Let UDP packet is received a request to the server. This request accepts the server.
So, the IP address X is deceived with address Y and response to the address Y.
So, adress Y is the matching IP address.
b)
The client address is ‘Y’
The SYNACK will be send with Y’s address.
TCP in the host will not send back the TCP ACK segment.
It is not possible to the attacker to send the correct sequence number.
The attacker fails even if he sends an properly timed TCP ACK segment.