Use of TCP timestamp option to defend against blind spoofing attack
draft-poon-tcp-tstamp-mod-01

Document Type: Expired Internet-Draft (individual), expired & archived
Author: Kacheong Poon
Last updated: 2004-10-26
RFC stream: (None)
Intended RFC status: (None)
Stream state: (No stream defined)
Consensus boilerplate: Unknown
RFC Editor Note: (None)
IESG state: Expired
Telechat date: (None)
Responsible AD: (None)
Send notices to: (None)

This Internet-Draft is no longer active.

Abstract

The US-CERT alert (TA04-111A) shows that the well-known weakness in TCP's segment acceptance test is easier to exploit than previously thought. While there are already mechanisms to defend against this kind of attack, such as RFC 2385 for BGP, and IPsec, we propose a lightweight method that uses the TCP timestamp option (RFC 1323) as an alternative.

Authors

Kacheong Poon

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)