Your network may have network protocols running in addition to TCP/IP, and each of these protocols may be vulnerable to outside attack. Some protocols (such as NetBEUI, DLC, and other more primitive protocols) aren't routable and, therefore, aren't subject to attack. Of course, there is a great big "unless": If your router or firewall is configured to pass them, some of these protocols can be imbedded in TCP/IP and may be passed to other systems.
The major protocols used by TCP/IP for maintenance and other activities include those discussed in the following list:
Simple Network Management Protocol
TCP/IP uses Simple Network Management Protocol (SNMP) to manage and monitor devices in a network. Many copiers, fax machines, and other smart office machines use SNMP for maintenance functions. This protocol travels through routers quite well and can be vulnerable to attack. Although such an attack might not be dangerous, think about what could happen if your printer suddenly went online and started spewing paper all over the floor.
SNMP was upgraded as a standard to SNMPv2, which provides security and improved remote monitoring. SNMP is currently undergoing a revision; although a new standard (SNMPv3) is out, although most systems still use SNMPv2.
Internet Control Message Protocol
TCP/IP uses Internet Control Message Protocol (ICMP) to report errors and reply to requests from programs such as Ping and Traceroute. ICMP is one of the favorite protocols used for DoS attacks. Many businesses have disabled ICMP through the router to prevent these types of situations from occurring.
Internet Group Management Protocol
TCP/IP uses Internet Group Management Protocol (IGMP) to manage group or multicasting sessions. It can be used to address multiple recipients of a data packet: The sender initiates broadcast traffic, and any client who has broadcasting enabled receives it. (Broadcasts are messages sent from a single system to the entire network—the systems could be inside your network or throughout the world.) This process, called multicasting, can consume huge amounts of bandwidth in a network and possibly create a DoS situation. Most network administrators disable the reception of broadcast and multicast traffic from outside their local network.
A unicast is IGMP traffic that is oriented at a single system. TCP/IP primarily uses a unicast method of communication: A message is sent from a single system to another single system.
NOTE
Every one of these major protocols used by TCP/IP presents a potential problem for security administrators. Make sure you use what you need and disable what you don't.
3.138.122.195