Abstract:TCP/IP protocol itself has many security flaws,so that network traffic is attacked by IP address spoofing,ARP spoofing,ICMP attacks,TCP SYN Flood,DNS attacks.This article studies security risks and vulnerabilities of TCP/IP protocol,and then presents corresponding measures for the prevention of attacks.