what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 4 of 4

Files from Michael Vittrup Larsen

RFC6056 - Recommendations For Transport-Protocol Port Randomization

Posted Jan 21, 2011

Authored by Fernando Gont, Michael Vittrup Larsen

RFC6056 has been released and is titled Recommendations for Transport-Protocol Port Randomization.

tags | paper, protocol

SHA-256 | 2d899269f777944a49b7bcd5373a53284b4b6425a5e957bee90959e976ad26bb

Download | Favorite | View

draft-ietf-tsvwg-port-randomization-02.txt

Posted Sep 3, 2008

Authored by Fernando Gont, Michael Vittrup Larsen | Site ietf.org

This document describes a simple and efficient method for random selection of a client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. The mechanisms described in this document are a local modification that may be incrementally deployed, and that does not violate the specifications of any of the transport protocols that may benefit from it, such as TCP, UDP, SCTP, DCCP, and RTP.

Changes: This new revision of the document addresses the feedback we got from Amit Klein, Matthias Bethke, and Alfred Hoenes.

tags | paper, local, udp, tcp, protocol

SHA-256 | 61b14f84224795032551d1a5e2ebfe45a4f86868563581fff491e9408e636381

Download | Favorite | View

draft-ietf-tsvwg-port-randomization-01.txt

Posted Jul 17, 2008

Authored by Fernando Gont, Michael Vittrup Larsen | Site ietf.org

This document describes a simple and efficient method for random selection of a client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. The mechanisms described in this document are a local modification that may be incrementally deployed, and that does not violate the specifications of any of the transport protocols that may benefit from it, such as TCP, UDP, SCTP, DCCP, and RTP.

tags | paper, local, udp, tcp, protocol

SHA-256 | 1ce58606d3eddff9223fe3a488f8c0cc0f6238e521811ffc418b4dd84491b12b

Download | Favorite | View

draft-ietf-tsvwg-port-randomization-00.txt

Posted Dec 8, 2007

Authored by Fernando Gont, Michael Vittrup Larsen | Site ietf.org

This document describes a simple and efficient method for random selection of a client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. The mechanisms described in this document are a local modification that may be incrementally deployed, and that does not violate the specifications of any of the transport protocols that may benefit from it, such as TCP, UDP, SCTP, DCCP, and RTP.

tags | paper, local, udp, tcp, protocol

SHA-256 | f6784276bc77577f72c09f503deab41ce6fabf7bb9a8b44edd61410211141a2c

Download | Favorite | View