CAPEC-324: TCP (ISN) Sequence Predictability Probe

This type of operating system probe attempts to determine an estimate for how predictable the sequence number generation algorithm is for a remote host. Statistical techniques, such as standard deviation, can be used to determine how predictable the sequence number generation is for a system. This result can then be compared to a database of operating system behaviors to determine a likely match for operating system and version.

Low

Typical severity

Per MITRE

Medium

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Detailed

Abstraction

MITRE classification

Overview

CAPEC-324 (TCP (ISN) Sequence Predictability Probe) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.

CAPEC-324: TCP (ISN) Sequence Predictability Probe

Overview

What the attacker needs

Prerequisites

Resources required

Consequences

Frequently asked questions

What is CAPEC-324?

What weaknesses does CAPEC-324 target?

How severe is CAPEC-324?

References

Defend against CAPEC-324

Overview

What the attacker needs

Prerequisites

Resources required

Consequences

Related weaknesses

Related attack patterns

Parent

Frequently asked questions

What is CAPEC-324?

What weaknesses does CAPEC-324 target?

How severe is CAPEC-324?

References

Defend against CAPEC-324