The most efficient way to manipulate ISN numbers in TCP headers

Question

The most efficient way to manipulate ISN numbers in TCP headers

I'm currently trying to write a program that can create a stable TCP connection and have full control over ISN numbers. I wrote in C, and I am at a point where my very limited knowledge has reached its limits, and I was wondering if there is a better way to do this.

I tried to create headers manually using raw sockets to send and receive packets without kernel intervention, which is a problem.

So, regardless of the language, what do you consider the most efficient and easiest way to manipulate ISN?

+4

c header network-programming low-level tcp

youjustreadthis Aug 31 '12 at 10:04

source share

1 answer

Toc · Answer 1 · 2012-09-01T00:21:16+0000

Well, ISN is randomly generated to prevent ISN perediction attacks ( http://www.thegeekstuff.com/2012/01/tcp-sequence-number-attacks/ ).

The Linux network stack uses the tcp_v4_init_sequence function to generate the ISN ( http://lxr.free-electrons.com/source/net/ipv4/tcp_ipv4.c#L101 ), this function calls the secure_tcp_sequence_number function ( http: //lxr.free-electrons .com / source / net / core / secure_seq.c # L106 ) to complete the job. Take a look at this feature and try cloning it to use it with your code from user space.

If you have enough time, you can look at section 3 of RFC 6528 ( http://www.rfc-editor.org/rfc/rfc6528.txt ), it describes the ISN generation algorithm:

 ISN = M + F(localip, localport, remoteip, remoteport, secretkey)

And try to implement it if you want :)

The most efficient way to manipulate ISN numbers in TCP headers

More articles: