How TCP Sequence Prediction Attacks Work

TCP stands for Transmission Control Protocol, a protocol used in conjunction with the Internet Protocol (IP) to send packets of information between computers over the Internet. A TCP sequence prediction attack is an attempt to identify the information packets that are being transmitted between computers. The attacker attempts to predict the sequence numbers of those packets, and can also send counterfeit packets to hijack a TCP session.

How TCP Attacks Work

Hackers who perpetrate TCP sequence prediction attacks eavesdrop on the communications between two computers. Once they have picked out the communication to target, they send packets to the target computer. These packets carry the IP address of the trusted computer that is communicating with the target computer.

The packets sent under that IP address contain the sequence number that the target computer is expecting to receive. They arrive at the target computer before the packets from the trusted computer, whose connection is the one being hijacked. Once the trusted computer's connection is hijacked, the hacker sends data that gives him access to the target host under a recognized TCP/IP address.

A TCP sequence prediction attack exploits the weaknesses in services that rely on IP addresses for authentication. These are usually Unix, NFS, or X Windows services that require authentication, which can be exploited with a TCP attack.

The TCP Sequence Prediction Hijack

Before hijacking the TCP connection, the hacker generally eliminates the trusted computer from the network by perpetrating a denial of service attack. New connections are then created on the network to send information packets. For each new connection, an initial sequence number generator assigns a sequence number, incrementing it over a specified period of time. The generator cycles every few hours to ensure that the sequence numbers it generates are unique.

Although the initial sequence number generator provides a measure of security for the new connections it numbers, a hacker who studies the number sequence can predict the sequence, as well as the algorithm behind it, and then use that prediction to hijack the TCP connection.

How to Provide Protection from TCP Attacks

TCP sequence prediction attacks can be prevented by configuring a router or firewall to drop packets that claim an internal source IP address but enter the system from an external location. While this cannot provide total protection against this type of attack, it is effective in preventing TCP attacks from reaching the target computer connection.
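The filtering rule described above, written out as an added example (not code from the original article). The interface name wan0, the internal prefix 192.0.2.0/24 and the sample packets are constructed assumptions. The last sample packet shows why the rule is not total protection: a forged source address that belongs to a trusted host outside the perimeter is not caught.

```python
import ipaddress
from collections import Counter

# Assumed addressing plan (constructed, RFC 5737 documentation ranges).
INTERNAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]
EXTERNAL_IFACE = "wan0"  # hypothetical name of the outside-facing interface


def ingress_verdict(iface, src):
    """Drop a packet that arrives from outside while claiming an inside source."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return "drop"  # unparseable source address: fail closed
    if iface == EXTERNAL_IFACE and any(addr in net for net in INTERNAL_NETS):
        return "drop"
    return "accept"


# Constructed sample traffic: (arrival interface, claimed source, destination).
SAMPLE_PACKETS = [
    ("lan0", "192.0.2.10", "192.0.2.20"),    # genuine internal traffic
    ("wan0", "203.0.113.5", "192.0.2.20"),   # ordinary external client
    ("wan0", "192.0.2.10", "192.0.2.20"),    # internal address seen from outside
    ("wan0", "192.0.2.10", "192.0.2.20"),    # same forged source again
    ("wan0", "198.51.100.7", "192.0.2.20"),  # forged external trusted host: passes
]


def run_filter(packets):
    """Return per-packet verdicts and a count of dropped packets per claimed source."""
    verdicts = [ingress_verdict(iface, src) for iface, src, _dst in packets]
    dropped = Counter(
        src for (_iface, src, _dst), v in zip(packets, verdicts) if v == "drop"
    )
    return verdicts, dropped


if __name__ == "__main__":
    verdicts, dropped = run_filter(SAMPLE_PACKETS)
    for pkt, verdict in zip(SAMPLE_PACKETS, verdicts):
        print(verdict, pkt)
    # Repeated drops for one internal address are worth alerting on.
    print("dropped by claimed source:", dict(dropped))
```

The per-source drop count is the part to feed into monitoring, since repeated drops naming the same internal host indicate that someone outside is impersonating it.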

Identity theft comes in many forms.

A person’s identity can be 'borrowed' for the purpose of creating fictional credit cards or a person’s entire identity can be usurped to the point where they can have difficulty proving that they really are who they claim to be.

Up to 18% of identity theft victims take as long as four years to realize that their identity has been stolen.

There are many ways to protect your personal identity and many steps you can take to prevent your identity from being stolen:

* Never give out unnecessary personal information.
* Never provide bank details or social security numbers over the Internet.
* Always remain aware of who is standing behind you when you type in your personal credit codes at ATM machines and at supermarket checkout swipe machines.