That's an interesting subject. There are many different classes of network attacks. Some of them are protocol-specific (recent DNS vulnerability, TCP syn flood, ARP spoofing etc.), some target vulnerabilities in particular implementations (e.g. resource exhaustion), some are generic (flooding link with traffic.) You cannot counter all of them. The best you can do is evaluate the risks and try to bring them down to an acceptable level. That 'acceptable level' is highly dependent on your application requirements. I don't think that anyone performed a thorough evaluation of lwip in terms of vulnerability to network attacks. There will definitely be bugs. For example, a few months ago a bug has been found where a malformed TCP header could cause a crash: https://savannah.nongnu.org/bugs/index.php?24596 So, if possible, try to choose simple protocols, e.g. favour UDP over TCP.
Regards, - mike 2009/1/28 Raunak Rungta <[email protected]>: > Hi All, > I am doing a project to analyze the security requirements in connecting the > set of wireless sensors with the Internet. I am totally new to this area. I > read about different TCP/IP stack implementations like lwIP, uIP and others. > Can any one point me some links where I can find how others implementors > have approached this problem? How they have tried to secure their Wireless > Sensor Networks from the different possible attacks from Internet? Any links > to such implementations will also be helpful. > Thanks in advance, > Raunak Rungta _______________________________________________ lwip-users mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/lwip-users
