Why is the initial sequence number of TCP random


Before TCP starts to transmit data, the client and server need torandomGenerate their own initial sequence number (ISN), and then exchange confirmation through three handshakes.

Question: why is the ISN random?

Consider the scenario, B is the server, a is a legal client, C counterfeits a (such as analog IP) to communicate with B.

Because the ISN is random, C cannot transfer data to B in the end.


C fakes a, B sends ack directly to a after accepting

Since a has never sent SEQ = isn_ C’s request, when a receives the ISN_ After C’s ACK, it directly sends reset to B, and finally closes the link.

Adding the initial sequence number is not random, but can be inferred, so C can get the ISN_ B. Then simulate an ACK in the past, and B will eventually establish a link,

C starts to transfer data, which will cause very serious security problems, so random isn is necessary.