Most modern TCP implementations use pseudo-random number generators (PRNG) to determine starting sequence numbers for TCP sessions. With such generators, it is difficult to compute the ith number generated, given only the (i - 1)st number generated. Explain what network security risks are created if an attacker is able to break such a PRNG so that he can in fact easily compute the ith number
generated, given only the (i - 1)st number generated.
What will be an ideal response?
First, the attacker initiates a TCP connection to the server to get a sequence
number generated by the server. Next, the attacker performs a session-spoofing blind
injection attack on a victim and the server by predicting the next TCP sequence number
generated by the PRNG.
You might also like to view...
Each presentation ____ contains objects such as titles, items in a bulleted list, graphics, and charts.
A. slide B. chart C. worksheet D. video clip
Punch cards were developed as part of the Jacquard loom to manufacture textiles containing complex patterns
Indicate whether the statement is true or false
Which of the following is not an Internet protocol?
a. ARPANET b. HTTP c. FTP d. BitTorrent
Note that each set of data members has its own starting address in memory, which corresponds to the address of the object's ____.
A. name B. declaration section C. implementation section D. first data member