Re: [tcpm] I-D Action:draft-ietf-tcpm-tcpsecure-11.txt

Fernando Gont <> Mon, 03 November 2008 05:08 UTC

List-Id: TCP Maintenance and Minor Extensions Working Group <>

At 01:15 a.m. 03/11/2008, wrote:

>TCP has historically been considered protected against spoofed off-
>path packet injection attacks by relying on the fact that it is
>difficult to guess the 4-tuple (the source and destination IP
>addresses and the source and destination ports) in combination with
>the 32 bit sequence number(s).  A combination of increasing window
>sizes and applications using longer term connections (e.g.  H-323 or
>Border Gateway Protocol [RFC4271]) have left modern TCP
>implementations more vulnerable to these types of spoofed packet
>injection attacks.

It was pointed out by a number of us (e.g., Joe Touch and me) that 
this document should probably reference the ongoing work at tsvwg on 
port randomization.

Considering that nowadays TCP implementations such as those of FreeBSD, 
OpenBSD, Linux, and Cisco itself do implement some form of ephemeral 
port randomization, some statements in the document wrt port 
randomization seem inaccurate (e.g., do *current* TCP implementations 
used for servicing BGP not randomize their ephemeral ports?).

(FWIW, I don't care about our doc being referenced.... but talking 
about guessing the connection-id while ignoring what is currently 
being done about ephemeral port selection doesn't seem quite right to me).


Kind regards,

Fernando Gont
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1

tcpm mailing list
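The point argued in the message above, as an added worked example (not code from draft-ietf-tcpm-tcpsecure, later published as RFC 5961, nor from the e-mail's author): how many spoofed RSTs a blind, off-path attacker has to send before one is accepted, as a function of the receive window, of whether the client's ephemeral port is predictable or randomized, and of whether the receiver applies the classic in-window RST test or the tcpsecure exact-match test. The window sizes, the 49152-65535 port range and the sweep order are assumptions chosen for illustration; real stacks use their own ephemeral ranges.

```python
"""Attacker work factor for off-path (blind) TCP RST injection.

Added example; not code from draft-ietf-tcpm-tcpsecure / RFC 5961 or from
the tcpm e-mail above. Window sizes, the ephemeral port range and the
attacker's sweep order are assumptions made for illustration only.
"""
from typing import Iterable, Optional

SEQ_SPACE = 2 ** 32


def in_window(seq: int, rcv_nxt: int, rcv_wnd: int) -> bool:
    """RFC 793 acceptability test: SEG.SEQ in [RCV.NXT, RCV.NXT + RCV.WND), mod 2^32."""
    return (seq - rcv_nxt) % SEQ_SPACE < rcv_wnd


def classic_rst_action(seq: int, rcv_nxt: int, rcv_wnd: int) -> str:
    """Pre-tcpsecure behaviour: any in-window RST tears the connection down."""
    return "reset" if in_window(seq, rcv_nxt, rcv_wnd) else "drop"


def tcpsecure_rst_action(seq: int, rcv_nxt: int, rcv_wnd: int) -> str:
    """RST handling per draft-ietf-tcpm-tcpsecure (RFC 5961, section 3):
    an exact RCV.NXT match resets; in-window but inexact earns a challenge
    ACK; anything outside the window is dropped."""
    if seq == rcv_nxt:
        return "reset"
    if in_window(seq, rcv_nxt, rcv_wnd):
        return "challenge-ack"
    return "drop"


def seq_guesses_per_port(rcv_wnd: int, exact_match: bool) -> int:
    """Sequence numbers to try per candidate port to be sure one RST lands:
    one per window-sized slot classically, all 2^32 under exact matching."""
    if exact_match:
        return SEQ_SPACE
    return -(-SEQ_SPACE // rcv_wnd)  # ceil(2^32 / rcv_wnd)


def rst_search_space(rcv_wnd: int, candidate_ports: int, exact_match: bool = False) -> int:
    """Worst-case number of spoofed RSTs: per-port sequence guesses times the
    client ports the attacker cannot rule out (1 if the ephemeral port is
    predictable, the whole ephemeral range if it is randomized)."""
    return seq_guesses_per_port(rcv_wnd, exact_match) * candidate_ports


def spoofed_rsts_until_reset(rcv_wnd: int, rcv_nxt: int, victim_port: int,
                             port_order: Iterable[int]) -> Optional[int]:
    """Simulate an attacker who sweeps candidate client ports in port_order and,
    for each port, sends one RST per window-sized slot (seq = 0, W, 2W, ...)
    against a classic in-window receiver. Returns how many packets were sent
    when the first one resets the connection, or None if the real port was
    never tried. A sweep of a wrong port is counted without iterating it,
    which is equivalent because none of its packets can match."""
    per_port = seq_guesses_per_port(rcv_wnd, exact_match=False)
    sent = 0
    for port in port_order:
        if port != victim_port:
            sent += per_port
            continue
        for k in range(per_port):
            sent += 1
            if classic_rst_action(k * rcv_wnd, rcv_nxt, rcv_wnd) == "reset":
                return sent
    return None


def demo() -> dict:
    """Constructed scenario (assumption): a long-lived BGP session with a
    16 KiB receive window, a larger 64 KiB window typical of newer hosts, and
    a client whose ephemeral port is either predictable or drawn from the
    IANA dynamic range 49152-65535."""
    dyn_ports = 65535 - 49152 + 1  # 16384 candidate ports
    return {
        "predictable_port_16k_window": rst_search_space(16384, 1),
        "predictable_port_64k_window": rst_search_space(65535, 1),
        "randomized_port_16k_window": rst_search_space(16384, dyn_ports),
        "randomized_port_16k_window_tcpsecure": rst_search_space(16384, dyn_ports, exact_match=True),
    }


if __name__ == "__main__":
    for name, packets in demo().items():
        print(f"{name:40s} {packets:>16,d} spoofed RSTs")
    # Single run with a known port versus a sweep over randomized ports.
    print(spoofed_rsts_until_reset(16384, 1000, 50000, [50000]))
    print(spoofed_rsts_until_reset(16384, 1000, 50000, range(49152, 65536)))
```

The two dimensions multiply: a larger window divides the sequence-number work, while port randomization multiplies the remaining work by the size of the ephemeral range, and tcpsecure's exact-match rule restores the full 2^32 factor on the sequence side. That is why reasoning about how hard the connection-id is to guess has to account for how the ephemeral port was chosen.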