July 31, 2008

Why the value of ISN(Initial Sequence Number) is Random?

From this post you will learn why the value of ISN is random.

Before going in detail of ISN,first of all we have to understand what is ISN.ISN is a number that is assigned to any device during the startup of the TCP connection.Now come to our first issue that is why the value of ISN is random.Let understand this thing by contradiction,let be assume that each device would start a connection by giving the first byte of data sent having sequence number 1.Now the problem with starting off each connection with a sequence number of 1 is that it introduces the possibility of segments from different connections getting mixed up. Suppose we established a TCP connection and sent a segment containing bytes 1 through 100. However, (suppose)there was a problem with the internetwork that caused this segment to be delayed, and eventually, the TCP connection itself to be terminated. We then started up a new connection and again used a starting sequence number of 1. As soon as this new connection was started, however, the old segment with bytes labeled 1 to 100 showed up. The other device would erroneously think those bytes were part of the new connection.Hence in this way all data get collapsed or may be reach to the wrong device.Hence to avoid this collison each TCP device, at the time of connection, chooses a 32-bit initial sequence number (ISN) for the connection. Each device has its own ISN, and they will normally not be the same.

Now come to our second issue of how the value of ISN can be selected.Whenever any device connected to any TCP network it choose the ISN by making use of a timed counter, like a clock of sorts, that was incremented every 4 microseconds. This counter was initialized when TCP started up and then its value increased by 1 every 4 microseconds until it reached the largest 32-bit value possible (4,294,967,295) at which point it “wrapped around” to 0 and resumed incrementing. Any time a new connection is set up, the ISN was taken from the current value of this timer. Since it takes over 4 hours to count from 0 to 4,294,967,295 at 4 microseconds per increment, this virtually assured that each connection will not conflict with any previous ones.But this method has also some drawback i.e a hacker or any computer network expert would write code to analyze ISNs and then predict the ISN of a subsequent TCP connection based on the ISNs used in earlier ones.This represents a security risk in the network which was occurred in the past.Now to overcome this situation network experts use a random number in their ISN selection process.

Hope you enjoy it.
Please give your comments for more improvement.

No comments:


Copyright 2007 All Right Reserved. shine-on design by Nurudin Jauhari. and Published on Free Templates