Argentina
7K followers, 500+ connections

About

Fernando Gont is a Staff Platform Security Engineer at Serve Robotics.

He…

Volunteer experience

  • Chair

    LACNIC Security Forum (LACSEC)

    - 7 years 6 months

    of the LACNIC Security Forum, and Chair of the LACSEC event

Publications

  • RFC 6528: Defending against Sequence Number Attacks

    IETF

    This document specifies an algorithm for the generation of TCP Initial Sequence Numbers (ISNs), such that the chances of an off-path attacker guessing the sequence numbers in use by a target connection are reduced. This document revises (and formally obsoletes) RFC 1948, and takes the ISN generation algorithm originally proposed in that document to Standards Track, formally updating RFC 793.

    Other authors
    • Steven Bellovin
  • RFC 6274: Security Assessment of the Internet Protocol Version 4

    IETF

    This document contains a security assessment of the IETF specifications of the Internet Protocol version 4 and of a number of mechanisms and policies in use by popular IPv4 implementations. It is based on the results of a project carried out by the UK's Centre for the Protection of National Infrastructure (CPNI).

  • RFC 6191: Reducing the TIME-WAIT State Using TCP Timestamps

    IETF

    This document describes an algorithm for processing incoming SYN segments that allows higher connection-establishment rates between any two TCP endpoints when a TCP Timestamps option is present in the incoming SYN segment. This document only modifies processing of SYN segments received for connections in the TIME-WAIT state; processing in all other states is unchanged.

  • RFC 6056: Recommendations for Transport-Protocol Port Randomization

    IETF

    During the last few years, awareness has been raised about a number of "blind" attacks that can be performed against the Transmission Control Protocol (TCP) and similar protocols. The consequences of these attacks range from throughput reduction to broken connections or data corruption. These attacks rely on the attacker's ability to guess or know the five-tuple (Protocol, Source Address, Destination Address, Source Port, Destination Port) that identifies the transport protocol instance to be attacked. This document describes a number of simple and efficient methods for the selection of the client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods for protecting the transport-protocol instance, the aforementioned port selection algorithms provide improved security with very little effort and without any key management overhead. The algorithms described in this document are local policies that may be incrementally deployed and that do not violate the specifications of any of the transport protocols that may benefit from them, such as TCP, UDP, UDP-lite, Stream Control Transmission Protocol (SCTP), Datagram Congestion Control Protocol (DCCP), and RTP (provided that the RTP application explicitly signals the RTP and RTCP port numbers).

  • RFC 6093: On the Implementation of the TCP Urgent Mechanism

    IETF

    This document analyzes how current TCP implementations process TCP urgent indications and how the behavior of some widely deployed middleboxes affects how end systems process urgent indications. This document updates the relevant specifications such that they accommodate current practice in processing TCP urgent indications, raises awareness about the reliability of TCP urgent indications in the Internet, and recommends against the use of urgent indications (but provides advice to applications that do).

  • RFC 5927: ICMP Attacks against TCP

    IETF

    This document discusses the use of the Internet Control Message Protocol (ICMP) to perform a variety of attacks against the Transmission Control Protocol (TCP). Additionally, this document describes a number of widely implemented modifications to TCP's handling of ICMP error messages that help to mitigate these issues.

  • RFC 5482: TCP User Timeout Option

    IETF

    The TCP user timeout controls how long transmitted data may remain unacknowledged before a connection is forcefully closed. It is a local, per-connection parameter. This document specifies a new TCP option -- the TCP User Timeout Option -- that allows one end of a TCP connection to advertise its current user timeout value. This information provides advice to the other end of the TCP connection to adapt its user timeout accordingly. Increasing the user timeouts on both ends of a TCP connection allows it to survive extended periods without end-to-end connectivity. Decreasing the user timeouts allows busy servers to explicitly notify their clients that they will maintain the connection state only for a short time without connectivity.

  • RFC 5461: TCP's Reaction to Soft Errors

    IETF

    This document describes a non-standard, but widely implemented, modification to TCP's handling of ICMP soft error messages that rejects pending connection-requests when those error messages are received. This behavior reduces the likelihood of long delays between connection-establishment attempts that may arise in a number of scenarios, including one in which dual-stack nodes that have IPv6 enabled by default are deployed in IPv4 or mixed IPv4 and IPv6 environments.

  • Security Assessment of the Transmission Control Protocol (TCP)

    United Kingdom's Centre for the Protection of National Infrastructure (CPNI)

    This document is the result of a security assessment of the IETF specifications of the Transmission Control Protocol (TCP), from a security point of view. Possible threats are identified and, where possible, countermeasures are proposed. Additionally, many implementation flaws that have led to security vulnerabilities have been referenced in the hope that future implementations will not incur the same problems.

  • Security Assessment of the Internet Protocol

    United Kingdom's Centre for the Protection of National Infrastructure (CPNI)

    This document is the result of an assessment of the IETF specifications of the Internet Protocol from a security point of view. Possible threats were identified and, where possible, counter-measures were proposed. Additionally, many implementation flaws that have led to security vulnerabilities have been referenced in the hope that future implementations will not incur the same problems. This document does not limit itself to performing a security assessment of the relevant IETF specification but also offers an assessment of common implementation strategies.

    Whilst not aiming to be the final word on the security of the IP, this document aims to raise awareness about the many security threats based on the IP protocol that have been faced in the past, those that we are currently facing, and those we may still have to deal with in the future. It provides advice for the secure implementation of the IP, and also insights about the security aspects of the IP that may be of help to the Internet operations community.

Projects

  • SI6 Networks' IoT Toolkit

    The SI6 Networks' Internet of Things (IoT) Toolkit is a security assessment and troubleshooting tool for IoT devices and protocols.

  • IPv6 Toolkit Debian package

    Collaboration with Octavio Alvarez (maintainer of the SI6 Networks' IPv6 toolkit Debian package)

  • SI6 Networks' IPv6 Address Monitoring Daemon

    ipv6mon is a tool meant for monitoring IPv6 address usage on a local network. It is meant to be particularly useful in networks that employ IPv6 Stateless Address Auto-Configuration (as opposed to DHCPv6), where address assignment is decentralized and there is no central server that records which IPv6 addresses have been assigned to which nodes during which period of time. ipv6mon employs active probing to discover IPv6 addresses in use, and determine whether such addresses remain active.

  • SI6 Networks' IPv6 Toolkit

    The IPv6 toolkit is a portable IPv6 security assessment suite originally produced by Fernando Gont as part of a project funded by the UK CPNI.


Languages

  • Spanish

    Native or bilingual proficiency

  • English

    Native or bilingual proficiency

  • Portuguese

    Elementary proficiency

Companies

  • IEEE
