[LACNIC/Seguridad] New revision of our IETF I-D on Port Randomization

Fernando Gont fernando at gont.com.ar
Sun Aug 31 10:29:14 BRT 2008


Hello everyone,

We have just published a revision of our IETF Internet-Draft on
"Port Randomization".  It is available in the IETF repository, and at:
omization-02.txt (the same document is also available in HTML and PDF
format at: http://www.gont.com.ar/drafts/port-randomization/index.html)

This new revision tries to address the comments we received from
Amit Klein, Matthias Bethke, and Alfred Hoenes.

The document's Abstract is:
---- cut here ----
    Recently, awareness has been raised about a number of "blind" attacks
    that can be performed against the Transmission Control Protocol (TCP)
    and similar protocols.  The consequences of these attacks range from
    throughput-reduction to broken connections or data corruption.  These
    attacks rely on the attacker's ability to guess or know the five-
    tuple (Protocol, Source Address, Destination Address, Source Port,
    Destination Port) that identifies the transport protocol instance to
    be attacked.  This document describes a number of simple and
    efficient methods for the random selection of the client port number,
    such that the possibility of an attacker guessing the exact value is
    reduced.  While this is not a replacement for cryptographic methods,
    the described port number randomization algorithms provide improved
    security/obfuscation with very little effort and without any key
    management overhead.  The algorithms described in this document are
    local policies that may be incrementally deployed, and that do not
    violate the specifications of any of the transport protocols that may
    benefit from them, such as TCP, UDP, UDP-lite, SCTP, DCCP, and RTP.
---- cut here ----

Any comments are welcome.


Best regards,
--
Fernando Gont
e-mail: fernando at gont.com.ar || fgont at acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
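The abstract above refers to port selection algorithms but does not reproduce them. As an added illustration, not part of the original post or the draft's text, the following Python sketch shows a hash-based client port selector of the kind described, structured like what the published version of this work (RFC 6056) calls simple hash-based port selection: a global counter plus a keyed per-destination offset. The port range, HMAC-SHA256 as the offset function, the secret handling and the class/method names are this example's own assumptions.

```python
import hashlib
import hmac
import os
import random

# Ephemeral port range assumed by this example (IANA dynamic/private range).
MIN_PORT = 49152
MAX_PORT = 65535
NUM_PORTS = MAX_PORT - MIN_PORT + 1


class PortSelector:
    """Hash-based client port selection (constructed illustration).

    A global counter is combined with a keyed, per-destination offset
    F(local_ip, remote_ip, remote_port).  Connections to one destination
    walk the port range sequentially (no reuse until the range wraps), but
    the starting point differs per destination and depends on a secret, so
    an off-path attacker cannot infer the port in use for one peer from
    what it observed for another peer.
    """

    def __init__(self, secret=None, start=None):
        self.secret = os.urandom(16) if secret is None else secret
        self.next_ephemeral = random.randrange(NUM_PORTS) if start is None else start
        self.in_use = set()  # 4-tuples of live connections (stand-in for the TCB table)

    def offset(self, local_ip, remote_ip, remote_port):
        # F(): HMAC-SHA256 over the destination, truncated to 32 bits.
        msg = f"{local_ip}|{remote_ip}|{remote_port}".encode()
        digest = hmac.new(self.secret, msg, hashlib.sha256).digest()
        return int.from_bytes(digest[:4], "big") % NUM_PORTS

    def select_port(self, local_ip, remote_ip, remote_port):
        off = self.offset(local_ip, remote_ip, remote_port)
        for _ in range(NUM_PORTS):  # at most one full pass over the range
            port = MIN_PORT + (self.next_ephemeral + off) % NUM_PORTS
            self.next_ephemeral = (self.next_ephemeral + 1) % NUM_PORTS
            key = (local_ip, port, remote_ip, remote_port)
            if key not in self.in_use:  # skip ports already bound to this peer
                self.in_use.add(key)
                return port
        raise OSError("no free client port for this destination")

    def release(self, local_ip, port, remote_ip, remote_port):
        # Called when a connection closes; frees the tuple for reuse.
        self.in_use.discard((local_ip, port, remote_ip, remote_port))
```

A real implementation would keep the secret in kernel memory and re-key it periodically; here it is only a process-local byte string.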



