Use of TCP timestamp option to defend against blind spoofing attack
draft-poon-tcp-tstamp-mod-01

Document type: Expired Internet-Draft (individual)
Last updated: 2004-10-26
Stream: (None)
Intended RFC status: (None)
Stream state: (No stream defined)
Consensus: Unknown
RFC Editor Note: (None)
IESG state: Expired
Telechat date:
Responsible AD: (None)
Send notices to: (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-poon-tcp-tstamp-mod-01.txt

Abstract

The US-CERT alert (TA04-111A) shows that the well-known weakness in TCP's segment acceptance test is easier to exploit than previously thought. While there are already mechanisms, such as RFC 2385 for BGP and IPsec, to defend against this kind of attack, we propose a lightweight method that uses the TCP timestamp option (RFC 1323) as an alternative.

Authors

Kacheong Poon (kcpoon@eng.sun.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)