- This topic has 1 reply, 2 voices, and was last updated 14 years, 5 months ago by
.
-
Posts
-
-
Hi All,
Recently I came across an article about Initial Sequence Number. The article says:
>>A Sequence number is a 32-bit number ranging from 1 to 4,294,967,295.
>> At bootstrapping time, the ISN is assigned a value of 1.
>> The ISN gets incremented by 128,000 every second and with every connection being established, it gets incremented by 64,000.Now at one particular instance, if the ISN is 12345 (for example), what will be the ISN after the system is restarted? Will it be reset to 1 or is it stored somewhere in the address? More discussion or links to this topic will be really good.
Regards,
Morpheus
-
I’m assuming you’re talking about TCP ISN’s, and the article you read was by Ankit Fadia?
As far as I can tell from the tcp specification, the ISN doesn’t have to be set to 1 at bootstrap time to meet standards, but to answer your question directly if it IS set to one at bootstrap, then yes once a machine is restarted the ISN would be 1 again. This is all layed out in the rfc793 (TCP): http://rfc.sunsite.dk/rfc/rfc793.html
for more information on how more secure implementations SHOULD generate/permute ISN’s check out steven bellovins RFC on ISN’s: http://rfc.sunsite.dk/rfc/rfc1948.html
also, for info on how most implementations actually do their isn generation/permutations (which is poorly for the most part) read Michael Zalewski’s research here: http://lcamtuf.coredump.cx/oldtcp/tcpseq.html#abs and here: http://lcamtuf.coredump.cx/newtcp/
-Ryan
-
- You must be logged in to reply to this topic.
