The ISS is incremented by 1 for each connection, and is thus easily
spoofable and hijackable. The predictability exposes sideband information
about when the switch is being used by other (possibly legitimate) users.
The hosts behind the switch are NOT affected by this issue. The faked IP
addresses offer the predictability of the hosted platform (ie Linux 2.2.14
== good luck!, Win9x == trivial joke).