random sequence number

Sep 3rd, 2008

Hi all, I know the ASA randomizes the TCP sequence number. What is the benefit of this?

Marwan ALshawi Thu, 09/04/2008 - 00:41

Hi Carl,

By default, when the firewall creates new outbound TCP connections, it assigns a randomized TCP initial sequence number (ISN). This is useful to prevent outside users from being able to predict or guess the sequence number and hijack a connection.

Normally, hosts provide their own random ISNs when they initiate new TCP connections. However, the TCP/IP protocol stack in some operating systems has a weak implementation of this, allowing the ISN to be predicted. The firewall maintains the original ISN for use with the originating host and overwrites this value for use with the destination host. Therefore, neither the originating nor the target host is aware that the ISN has been altered or further randomized.

If helpful, rate.
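The mechanism described in the answer above, as an added example (this is illustrative code written for this page, not ASA code): a tiny model of a stateful firewall that picks a random per-connection offset when it sees an outbound SYN, adds it to the sequence numbers the client sends, and subtracts it from the acknowledgement numbers the server sends back. The client keeps seeing its own ISN, the server only ever sees the shifted one, and a client with a predictable ISN generator still ends up with an unpredictable server-side ISN. The class and function names, the addresses and the ISN values are all assumptions made for the example.

```python
"""Toy model of firewall-side TCP ISN randomization (added example, not ASA code)."""
import random
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

MOD = 2 ** 32  # TCP sequence space wraps at 2^32
ConnKey = Tuple[str, int, str, int]  # (src_ip, src_port, dst_ip, dst_port)


@dataclass
class Segment:
    """Only the TCP header fields the randomizer has to look at."""
    src: Tuple[str, int]
    dst: Tuple[str, int]
    seq: int
    ack: int
    syn: bool = False
    ack_flag: bool = False


class IsnRandomizer:
    """Rewrites the originating host's sequence numbers by a per-flow random delta.

    Forward direction (client -> server): seq' = seq + delta.
    Reverse direction (server -> client): ack' = ack - delta.
    The server never sees the client's real ISN; the client never sees the delta.
    """

    def __init__(self, rng: Optional[random.Random] = None) -> None:
        self.rng = rng or random.SystemRandom()
        self.delta: Dict[ConnKey, int] = {}  # connection table: flow -> delta

    def forward(self, seg: Segment) -> Segment:
        fwd_key: ConnKey = (*seg.src, *seg.dst)
        rev_key: ConnKey = (*seg.dst, *seg.src)
        if seg.syn and not seg.ack_flag:
            # New outbound connection: pick the offset once, from a strong RNG,
            # regardless of how weak the client's own ISN generator was.
            self.delta[fwd_key] = self.rng.randrange(1, MOD)
        if fwd_key in self.delta:
            d = self.delta[fwd_key]
            return Segment(seg.src, seg.dst, (seg.seq + d) % MOD, seg.ack,
                           seg.syn, seg.ack_flag)
        if rev_key in self.delta and seg.ack_flag:
            d = self.delta[rev_key]
            return Segment(seg.src, seg.dst, seg.seq, (seg.ack - d) % MOD,
                           seg.syn, seg.ack_flag)
        return seg  # flow not tracked: pass through untouched


def simulate_handshake(client_isn: int, server_isn: int,
                       rng: Optional[random.Random] = None) -> Dict[str, int]:
    """Run a three-way handshake through the randomizer and report what each side saw."""
    fw = IsnRandomizer(rng)
    client, server = ("10.0.0.5", 40000), ("203.0.113.10", 443)  # constructed endpoints

    # 1. Client SYN with its (possibly predictable) ISN; firewall shifts it.
    syn = fw.forward(Segment(client, server, client_isn, 0, syn=True))
    # 2. Server SYN-ACK acknowledges the *shifted* ISN; firewall shifts the ACK back.
    synack = fw.forward(Segment(server, client, server_isn, (syn.seq + 1) % MOD,
                                syn=True, ack_flag=True))
    # 3. Client ACK uses its own ISN + 1 (what the rewritten SYN-ACK told it to use).
    ack = fw.forward(Segment(client, server, synack.ack, (synack.seq + 1) % MOD,
                             ack_flag=True))
    return {
        "server_sees_client_isn": syn.seq,      # client_isn + delta
        "client_sees_ack": synack.ack,          # client_isn + 1, delta hidden
        "server_sees_ack_seq": ack.seq,         # consistent with what the server sent
        "delta": fw.delta[(*client, *server)],
    }


if __name__ == "__main__":
    weak_isn = 64000  # stands in for a host whose ISN is guessable
    for _ in range(2):
        print(simulate_handshake(weak_isn, 900000))
```

Two back-to-back connections from the same client with the same weak ISN get different server-facing ISNs, which is the whole point. A real implementation has to do more than this toy does: any other place a sequence number of the randomized direction appears, such as SACK blocks in the server's TCP options, must be shifted too, and anything that authenticates the TCP header end to end (TCP MD5 signatures for BGP, for example) will fail once the firewall rewrites it, which is why ASA documentation says to disable random-sequence-number for such flows.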
