How TCP Sequence Prediction Attacks Work
TCP (Transmission Control Protocol) is used in conjunction with the Internet Protocol (IP) to send packets of information between computers over the Internet. A TCP sequence prediction attack is an attempt to identify the information packets being transmitted between computers. The attack tries to predict the sequence numbers of those packets, and it can also use counterfeit packets to hijack a TCP session.
How TCP Attacks Work
Hackers who perpetrate TCP sequence prediction attacks eavesdrop on the communications between two computers. Once they have targeted the communication, they issue packets to the target computer. These packets carry the IP address of the trusted computer that is communicating with the target computer.
The packets issued with that IP address contain a sequence number that the target computer is expecting to receive. They arrive at the target computer before the packets from the trusted computer, which is the computer whose connection is being hijacked. Once the trusted computer's connection is hijacked, the hacker sends data that gives him access to the target host's connection using a recognized TCP/IP address.
A TCP sequence prediction attack exploits weaknesses in services that rely on IP addresses for authentication. These are usually Unix, NFS, or X Window services, whose authentication can be exploited with a TCP attack.
The TCP Sequence Prediction Hijack
Before hijacking the TCP connection, the hacker generally eliminates the trusted computer from the network by perpetrating a denial of service attack. New connections are then created on the network to send information packets. An initial sequence number generator assigns sequence numbers in increments over a specified period of time. The generator cycles every few hours to ensure that the sequence numbers it generates are unique.
Although the initial sequence number generator provides a measure of security for the new connections it generates, a hacker who studies the number sequence can predict the sequence, as well as the algorithm behind it, and then use that to hijack the TCP connection.
How to Provide Protection from TCP Attacks
TCP sequence prediction attacks can be prevented by configuring a router or firewall to reject packets that carry an internal source IP address but enter the system from an external location. While this cannot provide total protection against this type of attack, it is effective in preventing TCP attacks from reaching the target computer connection.
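
The filtering rule described above, modelled as an added example that is not part of the original article. The internal prefix 10.0.0.0/8, the interface names "wan" and "lan", the Packet type and the sample traffic are all assumptions constructed for illustration. The last sample packet shows one reason the protection is partial: the rule only inspects packets that claim an internal source address.

```python
import ipaddress
from dataclasses import dataclass

# Assumed topology (constructed for this example): one internal prefix and a
# router with an external interface "wan" and an internal interface "lan".
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
EXTERNAL_IFACE = "wan"


@dataclass(frozen=True)
class Packet:
    iface: str  # interface the packet arrived on
    src: str    # source address claimed in the IP header
    dst: str    # destination address


def is_internal(addr: str) -> bool:
    """True if the address falls inside one of the internal prefixes."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)


def ingress_verdict(pkt: Packet) -> str:
    """Drop a packet that arrives from outside while claiming an internal source."""
    if pkt.iface == EXTERNAL_IFACE and is_internal(pkt.src):
        return "drop"
    return "accept"


# Constructed sample traffic, all addressed to the same internal host.
SAMPLE = [
    Packet("lan", "10.0.0.5", "10.0.0.9"),      # genuine internal host
    Packet("wan", "198.51.100.7", "10.0.0.9"),  # ordinary external client
    Packet("wan", "10.0.0.5", "10.0.0.9"),      # internal source seen outside: forged
    Packet("wan", "203.0.113.20", "10.0.0.9"),  # external source: rule cannot judge it
]


def classify(packets):
    """Return (interface, source, verdict) for each packet."""
    return [(p.iface, p.src, ingress_verdict(p)) for p in packets]


if __name__ == "__main__":
    for iface, src, verdict in classify(SAMPLE):
        print(f"{iface:4} {src:15} {verdict}")
```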