This document contains a security assessment of the specifications of the Transmission Control Protocol (TCP), and of a number of mechanisms and policies in use by popular TCP implementations. Additionally, it contains best current practices for hardening a TCP implementation.