In example, consider ARP; it is a two-step process that consists of a request and a response. Little thought was given at the time of the development of ARP that someone may actually send unsolicited ARP responses for the purpose of ARP poisoning. Other protocols and applications of TCP/IP also have security issues, such as ICMP, RIP, FTP, SNMP and Telnet.
For more information, view this tutorial on understanding TCP/IP from FreeSkills.com.
This was first published in February 2009