This Internet-Draft is no longer active. Unofficial copies of old Internet-Drafts can be found here:
http://tools.ietf.org/id/draft-ietf-tcpm-tcp-antispoof.
Abstract:
Recent analysis of potential attacks on core Internet infrastructure indicates
an increased vulnerability of TCP connections to spurious resets (RSTs), sent with forged IP source
addresses (spoofing). TCP has always been susceptible to such RST spoofing attacks, which were indirectly
protected by checking that the RST sequence number was inside the current receive window, as
well as via the obfuscation of TCP endpoint and port numbers. For pairs of well-known
endpoints often over predictable port pairs, such as BGP or between web servers
and well-known large-scale caches, increases in the path bandwidth-delay product of a
connection have sufficiently increased the receive window space that off-path third parties can
brute-force generate a viable RST sequence number. The susceptibility to attack increases with the
square of the bandwidth, and thus presents a significant vulnerability for recent high-speed networks.
This document addresses this vulnerability, discussing proposed solutions at the transport level and their
inherent challenges, as well as existing network level solutions and the feasibility of their
deployment. This document focuses on vulnerabilities due to spoofed TCP segments, and includes a
discussion of related ICMP spoofing attacks on TCP connections. This memo provides information
for the Internet community.
Authors:
Joseph Touch <touch@isi.edu>
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid)
datatracker.ietf.org