Suppose Alice and Bob are communicating over an SSL session. Suppose an attacker, who does not have any of the shared keys, inserts a bogus TCP segment into a packet stream with correct TCP checksum and sequence numbers (and correct IP addresses and port numbers). Will SSL at the receiving side accept the bogus packet and pass the payload to the receiving application? Why or why not?
No, SSL at the receiving side will not accept the bogus packet and pass the payload to the receiving application.
Explanation:
Hence, even if the attacker manages to forge a TCP segment with correct checksum and sequence numbers, SSL's higher-level mechanisms will prevent the acceptance of the bogus packet and ensure the security and integrity of the communication.