[tcpm] Fwd: [Tsvwg] I-D Action:draft-ietf-tsvwg-port-randomization-00.txt
Fernando Gont <fernando@gont.com.ar> Thu, 06 December 2007 22:47 UTC
Date: Thu, 06 Dec 2007 19:49:01 -0500
To: tcpm@ietf.org
From: Fernando Gont <fernando@gont.com.ar>
Folks,

FYI, we have submitted a new revision of our port randomization draft. This is the first revision of the doc since it was accepted as a wg item of the tsvwg.

Any feedback will be more than welcome.

Thanks!

>To: i-d-announce@ietf.org
>From: Internet-Drafts@ietf.org
>Date: Thu, 06 Dec 2007 17:20:01 -0500
>Cc: tsvwg@ietf.org
>Subject: [Tsvwg] I-D Action:draft-ietf-tsvwg-port-randomization-00.txt
>
>A New Internet-Draft is available from the on-line Internet-Drafts
>directories.
>This draft is a work item of the Transport Area Working Group
>Working Group of the IETF.
>
>
>        Title           : Port Randomization
>        Author(s)       : M. Larsen, F. Gont
>        Filename        : draft-ietf-tsvwg-port-randomization-00.txt
>        Pages           : 22
>        Date            : 2007-12-06
>
>Recently, awareness has been raised about a number of "blind" attacks
>that can be performed against the Transmission Control Protocol (TCP)
>and similar protocols.  The consequences of these attacks range from
>throughput-reduction to broken connections or data corruption.  These
>attacks rely on the attacker's ability to guess or know the five-tuple
>(Protocol, Source Address, Destination Address, Source Port,
>Destination Port) that identifies the transport protocol instance to
>be attacked.  This document describes a simple and efficient method
>for random selection of the client port number, such that the
>possibility of an attacker guessing the exact value is reduced.
>While this is not a replacement for cryptographic methods, the
>described port number randomization algorithms provide improved
>security/obfuscation with very little effort and without any key
>management overhead.  The mechanisms described in this document are a
>local modification that may be incrementally deployed, and that does
>not violate the specifications of any of the transport protocols that
>may benefit from it, such as TCP, UDP, SCTP, DCCP, and RTP.
>
>A URL for this Internet-Draft is:
>http://www.ietf.org/internet-drafts/draft-ietf-tsvwg-port-randomization-00.txt
>
>To remove yourself from the I-D Announcement list, send a message to
>i-d-announce-request@ietf.org with the word unsubscribe in the body of
>the message.
>You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce
>to change your subscription settings.
>
>Internet-Drafts are also available by anonymous FTP. Login with the
>username "anonymous" and a password of your e-mail address. After
>logging in, type "cd internet-drafts" and then
>        "get draft-ietf-tsvwg-port-randomization-00.txt".
>
>A list of Internet-Drafts directories can be found in
>http://www.ietf.org/shadow.html
>or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
>
>Internet-Drafts can also be obtained by e-mail.
>
>Send a message to:
>        mailserv@ietf.org.
>In the body type:
>        "FILE /internet-drafts/draft-ietf-tsvwg-port-randomization-00.txt".
>
>NOTE:   The mail server at ietf.org can return the document in
>        MIME-encoded form by using the "mpack" utility.  To use this
>        feature, insert the command "ENCODING mime" before the "FILE"
>        command.  To decode the response(s), you will need "munpack" or
>        a MIME-compliant mail reader.  Different MIME-compliant mail readers
>        exhibit different behavior, especially when dealing with
>        "multipart" MIME messages (i.e. documents which have been split
>        up into multiple messages), so check your local documentation on
>        how to manipulate these messages.
>
>Below is the data which will enable a MIME compliant mail reader
>implementation to automatically retrieve the ASCII version of the
>Internet-Draft.
>
>Content-Type: text/plain
>Content-ID: <2007-12-06171011.I-D@ietf.org>
>
>ENCODING mime
>FILE /internet-drafts/draft-ietf-tsvwg-port-randomization-00.txt
>
>
><ftp://ftp.ietf.org/internet-drafts/draft-ietf-tsvwg-port-randomization-00.txt>

--
Fernando Gont
e-mail: fernando@gont.com.ar || fgont@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
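
Added example, not part of the original message and not the draft's own algorithm: a sketch of the random client port selection that the quoted abstract describes, next to a sequential baseline whose next value is predictable from the previous one. The port range, the function names, and the scan-forward step on collision are assumptions; the message does not give these details.

```python
import secrets
from collections import namedtuple

# The five-tuple named in the abstract.
FiveTuple = namedtuple("FiveTuple", "proto src dst sport dport")

# Assumption: IANA dynamic/private port range; the message states no range.
MIN_PORT, MAX_PORT = 49152, 65535
PORT_COUNT = MAX_PORT - MIN_PORT + 1


def select_source_port(proto, src, dst, dport, active,
                       randbelow=secrets.randbelow):
    """Return a random free source port, or None if the range is exhausted.

    `active` is the set of FiveTuple values already in use on this host.
    A starting point is drawn from a CSPRNG, then the range is scanned
    forward with wrap-around until an unused five-tuple is found.
    """
    start = randbelow(PORT_COUNT)
    for offset in range(PORT_COUNT):
        sport = MIN_PORT + (start + offset) % PORT_COUNT
        if FiveTuple(proto, src, dst, sport, dport) not in active:
            return sport
    return None


def sequential_source_port(previous):
    """Baseline for comparison: the port after `previous`, wrapping.

    Anyone who learns one source port knows the next one.
    """
    return MIN_PORT + (previous - MIN_PORT + 1) % PORT_COUNT


if __name__ == "__main__":
    # Constructed sample: documentation addresses, one existing connection.
    active = {FiveTuple("tcp", "192.0.2.10", "198.51.100.7", 50000, 443)}
    port = select_source_port("tcp", "192.0.2.10", "198.51.100.7", 443, active)
    print("random source port:", port)
    print("sequential after 50000:", sequential_source_port(50000))
```

With the default range an off-path guesser faces 16384 equally likely source ports per destination, instead of a value that follows from the last observed one.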