Profile: Dan O'Connor
I have been doing some research for a project and I wanted to share some things. During the three-way handshake each host sets its own ISN.
- Host 1 sends a SYN packet to Host 2 with A as the ISN (Initial Sequence Number); this number should be non-predictable.
- Host 2 responds back with a SYN-ACK with an ACK number of A + 1 and an ISN of B.
- Host 1 responds back with an ACK with the ACK set to B + 1 and an ISN of A + 2.
If you add a -S to tcpdump you will see the absolute sequence numbers instead of relative.
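The ACK arithmetic in the steps above can be checked directly against `tcpdump -n -S` output. The following is an added example, not code from the original post: the capture lines are constructed (documentation-range addresses, made-up ISNs), and the client ISN is chosen so that A + 1 wraps around the 32-bit sequence space.

```python
import re

# Constructed sample of `tcpdump -n -S -t tcp` output for one handshake (not a real capture).
# The client ISN is 4294967295 (2**32 - 1), so the expected ACK of A + 1 wraps to 0.
SAMPLE = """\
IP 192.0.2.10.51514 > 198.51.100.7.443: Flags [S], seq 4294967295, win 64240, options [mss 1460], length 0
IP 198.51.100.7.443 > 192.0.2.10.51514: Flags [S.], seq 1736204815, ack 0, win 65160, options [mss 1460], length 0
IP 192.0.2.10.51514 > 198.51.100.7.443: Flags [.], ack 1736204816, win 502, length 0
"""

LINE = re.compile(
    r"IP (?P<src>\S+) > (?P<dst>\S+): Flags \[(?P<flags>[^\]]+)\]"
    r"(?:, seq (?P<seq>\d+)(?::\d+)?)?(?:, ack (?P<ack>\d+))?"
)

def parse(text):
    """Yield (src, dst, flags, seq, ack) per recognised line; seq/ack may be None."""
    for line in text.splitlines():
        m = LINE.search(line)
        if m:
            num = lambda k: int(m[k]) if m[k] else None
            yield m["src"], m["dst"], m["flags"], num("seq"), num("ack")

def check_handshakes(text):
    """Return (client, server, A, B, ok) for each completed handshake."""
    pending, results = {}, []
    for src, dst, flags, seq, ack in parse(text):
        if flags == "S":                                  # step 1: SYN carries ISN A
            pending[(src, dst)] = {"A": seq}
        elif flags == "S." and (dst, src) in pending:     # step 2: SYN-ACK, ISN B, ack A + 1
            st = pending[(dst, src)]
            st["B"] = seq
            st["synack_ok"] = ack == (st["A"] + 1) % 2**32
        elif flags == "." and "B" in pending.get((src, dst), {}):  # step 3: ack B + 1
            st = pending.pop((src, dst))
            ok = st["synack_ok"] and ack == (st["B"] + 1) % 2**32
            results.append((src, dst, st["A"], st["B"], ok))
    return results

if __name__ == "__main__":
    for client, server, a, b, ok in check_handshakes(SAMPLE):
        print(f"{client} -> {server}: A={a} B={b} acks {'valid' if ok else 'INVALID'}")
```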