Most modern TCP implementations use pseudo-random number generators (PRNG) to determine starting sequence numbers for TCP sessions. With such generators, it is difficult to compute the ith number generated, given only the (i - 1)th number generated. Explain what network security risks are created if an attacker is able to break such a PRNG so that he can in fact easily compute the ith number generated, given only the (i - 1)th number generated.

Answer and Explanation:

Network security risks if an attacker is able to break such a pseudo-random number generator (PRNG) so that ith number generated can be easily computed by (i-1)st number generated are as follows :

1. Session hijack: If the attacker has previously generated PRNG code, he will easily generate the current session sequence number random code to hijack the current session.

2. Counterfeit packets: With help of previously PRNG generated sequence number next sequence numbers are also predicted, which leads to counterfeit packets.

3. Code Injection: By predicting sequence numbers attacker can inject malicious code in the TCP segments.

4. Denial of service attack: This attack is caused by bot nets, when bot nets have legitimate access to a TCP segment. The bot nets will perform distributed denial of service attack.

5. Premature closure of an existing TCP connection: this kind of premature closure is performed by setting RST bit.