Tuesday, January 6, 2009

Why is the ISN (initial sequence number) of TCP selected randomly?

The TCP layers on the two devices exchange Initial Sequence Numbers (ISNs); each device is assigned one during the startup of the TCP connection. The ISN is always random. There are several reasons to select the ISN randomly. One of the reasons is that TCP segments from different connections may get mixed up if all devices start their sequence numbers from the same value. For example, suppose a TCP connection is started with ISN 1 and carries bytes 1 to 50. Suppose that there is some problem and the TCP connection is terminated. Now a new connection with the same ISN (i.e. 1) is started for the same number of bytes (i.e. bytes 1 to 50). The device may think that segments left over from the old connection are part of the new connection, so the data may become corrupted.

Another reason to select the ISN randomly is that a malicious person could write code to predict the ISN of a subsequent TCP connection based on the ISNs used in earlier ones, which is a serious security risk.
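Both reasons can be checked with a small model. The following is an added example, not code from the original post: it goes beyond the post by using the RFC 6528 scheme (ISN = M + F(4-tuple, secret)) as the ISN generator, and tests whether a delayed segment from a terminated connection would land inside the receive window of its replacement. The HMAC-SHA256 choice for F, the secret, the addresses, the window size and all function names are assumptions made for this example.

```python
import hashlib
import hmac
import socket
import struct

MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around


def isn_rfc6528(secret, src_ip, src_port, dst_ip, dst_port, now_us):
    """ISN = M + F(4-tuple, secret), modulo 2**32 (RFC 6528 scheme)."""
    m = (now_us // 4) % MOD  # M: timer that ticks every 4 microseconds
    four_tuple = (socket.inet_aton(src_ip) + struct.pack("!H", src_port)
                  + socket.inet_aton(dst_ip) + struct.pack("!H", dst_port))
    # F: keyed hash. HMAC-SHA256 truncated to 32 bits is this example's choice.
    digest = hmac.new(secret, four_tuple, hashlib.sha256).digest()
    return (m + int.from_bytes(digest[:4], "big")) % MOD


def in_receive_window(seq, rcv_nxt, window):
    """True if seq is in [rcv_nxt, rcv_nxt + window), with wraparound."""
    return (seq - rcv_nxt) % MOD < window


def stale_segment_accepted(old_isn, new_isn, window=65535):
    """Would a delayed first data segment of the old connection be
    accepted as in-window data by the new connection?"""
    stale_seq = (old_isn + 1) % MOD  # first data byte follows the SYN
    rcv_nxt = (new_isn + 1) % MOD    # first byte the new connection expects
    return in_receive_window(stale_seq, rcv_nxt, window)


def demo():
    secret = b"constructed-demo-secret"  # constructed; real stacks use a random key
    conn = ("192.0.2.10", 40000, "198.51.100.5", 80)  # constructed 4-tuple
    old = isn_rfc6528(secret, *conn, now_us=1_000_000)
    new = isn_rfc6528(secret, *conn, now_us=2_000_000)  # reconnect 1 s later
    return {
        "fixed": stale_segment_accepted(1, 1),        # every connection starts at 1
        "rfc6528": stale_segment_accepted(old, new),  # keyed hash plus timer
        "isn_delta": (new - old) % MOD,               # timer ticks between the two
    }


if __name__ == "__main__":
    print(demo())
```

For the same 4-tuple the ISN only advances with the timer, which keeps the old connection's sequence space behind the new window; for a different 4-tuple the keyed hash adds an offset that cannot be derived from ISNs observed on other connections without the secret.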
