Archived from groups: microsoft.public.windowsxp.security_admin (
More info?)
For my question, the key is that the random ISNs disobey the RFC protoals
about TCP/IP for ISNs increment set. They may affect the TCP communication
between the host and the network, result the confusion in communication.
Refrence:
1,Microsoft Windows Server 2003 TCP/IP Implementation Details
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/networking/tcpip03.mspx
"Windows Server 2003 TCP/IP has also been strengthened against a variety of
attacks that were published over the past couple of years and has been
subject to an internal security review intended to reduce susceptibility to
future attacks. For instance, the initial sequence number (ISN) algorithm has
been modified so that ISNs increase in random increments, using an RC4-based
random number generator initialized with a 2048-bit random key upon system
startup."
2,RFC
"Steve Riley [MSFT]" wrote:
> I'm not sure of the point of your post. Random ISNs are good because they
> make it far harder to predict sequence numbers and conduct certain kinds
> of man-in-the-middle attacks.
>
> Steve Riley
> steriley@microsoft.com
>
>
>
> > I discover the initial sequence number (ISN) algorithm has been
> > modified so that ISNs in random generated in xp sp2.
> >
>
>
>
Facebook
Twitter
Instagram