Anti-replay is a sub-protocol of IPsec, which is part of the Internet Engineering Task Force (IETF) standards. The main goal of anti-replay is to prevent attackers from injecting packets, or changing packets, that travel from a source to a destination. The anti-replay protocol uses a unidirectional security association to establish a secure connection between two nodes in the network. Once a secure connection is established, the protocol relies on a sequence number, or counter. When the source sends a message, it adds a sequence number to the packet, starting at 0 and incrementing every time it sends another message. The destination receives the message, keeps a history of the number, and shifts that history to the new number. If the next message has a lower number, the destination drops the packet; if the number is larger than the previous one, the destination keeps the packet and shifts the history to the new number, and so forth.
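The receiver-side check can be sketched in Python as follows. This is an added example, not part of the original article. It goes beyond the simple higher/lower comparison described above by keeping a sliding-window bitmap, the approach specified for IPsec ESP in RFC 4303, so that packets arriving out of order are kept and only duplicates or packets older than the window are dropped. The class name, the window size of 64 and the arrival sequence are assumptions chosen for illustration.

```python
class AntiReplayWindow:
    """Receiver-side replay check for one unidirectional security association."""

    def __init__(self, size=64):
        self.size = size      # how many sequence numbers of history are kept
        self.highest = 0      # highest sequence number accepted so far
        self.bitmap = 0       # bit i set => (highest - i) has already been accepted

    def accept(self, seq):
        """Return True to keep the packet, False to drop it.

        Call this only for packets that passed the integrity check, so a
        forged sequence number cannot move the window forward.
        """
        if seq < 0:
            return False
        if seq > self.highest:
            # Newer than anything seen: shift the history and record it.
            shift = seq - self.highest
            if shift >= self.size:
                self.bitmap = 1
            else:
                self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.highest = seq
            return True
        offset = self.highest - seq
        if offset >= self.size:
            return False      # older than the window covers: drop
        if self.bitmap & (1 << offset):
            return False      # already seen: replayed packet, drop
        self.bitmap |= 1 << offset   # late but new: reordered packet, keep
        return True


def replay_demo():
    # Constructed arrival order: in-order, reordered, replayed and very old packets.
    arrivals = [0, 1, 2, 5, 3, 5, 4, 2, 70, 6, 7, 70]
    window = AntiReplayWindow(size=64)
    return [(seq, window.accept(seq)) for seq in arrivals]


if __name__ == "__main__":
    for seq, kept in replay_demo():
        print(f"seq={seq:3d} -> {'keep' if kept else 'drop'}")
```

In the constructed run, packets 3 and 4 arrive late but are kept, the second copies of 5, 2 and 70 are dropped as replays, and packet 6 is dropped because it falls outside the window once 70 has been accepted.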
See also Replay attack.