I know this has been said before, but there are many problems with the TCP/IP protocol, and it has all the security types worried sick. An article in Information Week says:
bq. A serious new security vulnerability that could affect large parts of the Internet as well as corporate networks has been identified by the Department of Homeland Security’s National Cybersecurity Division and the U.K.-based National Infrastructure Security Coordination Centre.
Actually, this is a problem experts have known about for years. I have heard time and again from those who use Cisco routers about these and many other issues with that company’s IOS and all the problems with TCP/IP. Infoworld says:
bq. By spoofing the source IP (Internet Protocol) address and the TCP port, then randomly guessing the unique sequence number, an attacker could cause an active TCP session to terminate. Networking experts have known about the potential for such attacks for almost 20 years. However, as Internet use and the use of broadband Internet connections has grown over the years, ISPs and others have gradually increased the size of the “window,” or range of acceptable sequence numbers that they permit to reset a connection, making a successful DOS attack more plausible.
Cisco has a solution here: Securing BGP.
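To make the "window" in the Infoworld quote concrete, here is an added example (not from either article or from Cisco) of the receiver-side check that decides whether an inbound RST resets a session. It compares the classic in-window acceptance with the stricter handling from RFC 5961, which the articles do not mention; the function names and the sample window and sequence values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* What a receiver does with an inbound RST on an established connection. */
enum rst_action { RST_DROP, RST_RESET, RST_CHALLENGE_ACK };
typedef enum rst_action (*rst_check_fn)(uint32_t, uint32_t, uint32_t);

/* True when seq is in [rcv_nxt, rcv_nxt + rcv_wnd), with 32-bit wraparound.
   Simplification: assumes a non-zero receive window. */
static int in_window(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    return (uint32_t)(seq - rcv_nxt) < rcv_wnd;
}

/* Classic check: any RST whose sequence number is in the window resets. */
enum rst_action rst_check_classic(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    return in_window(seq, rcv_nxt, rcv_wnd) ? RST_RESET : RST_DROP;
}

/* RFC 5961 section 3.2: only an exact match on rcv_nxt resets; any other
   in-window value gets a challenge ACK so the real peer can confirm. */
enum rst_action rst_check_rfc5961(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    if (!in_window(seq, rcv_nxt, rcv_wnd))
        return RST_DROP;
    return seq == rcv_nxt ? RST_RESET : RST_CHALLENGE_ACK;
}

/* Count the sequence values around the window (16 below it to 16 above it)
   that would reset the connection under the given check. */
unsigned long count_resetting(rst_check_fn check, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    unsigned long n = 0;
    uint32_t i, span = rcv_wnd + 32;
    for (i = 0; i < span; i++)
        if (check(rcv_nxt - 16 + i, rcv_nxt, rcv_wnd) == RST_RESET)
            n++;
    return n;
}

int main(void)
{
    uint32_t nxt = 0xFFFFFF00u, wnd = 16384; /* constructed sample values */
    printf("classic:  %lu resetting values\n", count_resetting(rst_check_classic, nxt, wnd));
    printf("rfc5961:  %lu resetting values\n", count_resetting(rst_check_rfc5961, nxt, wnd));
    return 0;
}
```

Under the classic check the number of sequence values that reset the session grows with the window size; under the RFC 5961 check it stays at one regardless of the window.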