The Sinkhole attack that is implemented as part of IDS uses one of the features of DSR protocol as a loophole. That is, in DSR when the source node broadcasts DSR Route Request packet(RREQ), even intermediate nodes can send a Route Reply(RREP), if they have a route to the destination node in their route cache. The malicious node adds a fake route entry into its route cache and sends a RREP.


If TCP is enabled, the source node will accept only the packets that come from the respective destination node. Any packet from the intermediate device will be discarded. Due to this it will not be possible to simulate a sinkhole attack.


This is the reason why we disable TCP in the transport layer of each node.