{"draft":"draft-ietf-tsvwg-port-randomization-09","doc_id":"RFC6056","title":"Recommendations for Transport-Protocol Port Randomization","authors":["M. Larsen","F. Gont"],"format":["ASCII","HTML"],"page_count":"29","pub_status":"BEST CURRENT PRACTICE","status":"BEST CURRENT PRACTICE","source":"Transport and Services Working Group","abstract":"During the last few years, awareness has been raised about a number\r\nof \"blind\" attacks that can be performed against the Transmission\r\nControl Protocol (TCP) and similar protocols. The consequences of\r\nthese attacks range from throughput reduction to broken connections\r\nor data corruption. These attacks rely on the attacker's ability to\r\nguess or know the five-tuple (Protocol, Source Address, Destination\r\nAddress, Source Port, Destination Port) that identifies the transport\r\nprotocol instance to be attacked. This document describes a number\r\nof simple and efficient methods for the selection of the client port\r\nnumber, such that the possibility of an attacker guessing the exact\r\nvalue is reduced. While this is not a replacement for cryptographic\r\nmethods for protecting the transport-protocol instance, the\r\naforementioned port selection algorithms provide improved security\r\nwith very little effort and without any key management overhead. The\r\nalgorithms described in this document are local policies that may be\r\nincrementally deployed and that do not violate the specifications of\r\nany of the transport protocols that may benefit from them, such as\r\nTCP, UDP, UDP-lite, Stream Control Transmission Protocol (SCTP),\r\nDatagram Congestion Control Protocol (DCCP), and RTP (provided that\r\nthe RTP application explicitly signals the RTP and RTCP port\r\nnumbers). 
This memo documents an Internet Best Current Practice.","pub_date":"January 2011","keywords":["[--------]","tcp","transmission control protocol","blind attacks"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":["BCP0156"],"doi":"10.17487\/RFC6056","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc6056"}