[LACNIC/Seguridad] Fwd: [Technical Errata Reported] RFC6056 (3739)
Fernando Gont
fernando at gont.com.ar
Thu Sep 26 14:06:20 BRT 2013
Supercool... at least one of the algorithms (double-hash), I think, had
not been implemented until now...
-------- Original Message --------
Subject: [Technical Errata Reported] RFC6056 (3739)
Date: Thu, 26 Sep 2013 08:19:31 -0700 (PDT)
From: RFC Errata System <rfc-editor at rfc-editor.org>
To: michael.larsen at tieto.com, fernando at gont.com.ar,
spencerdawkins.ietf at gmail.com, mls.ietf at gmail.com, gorry at erg.abdn.ac.uk,
david.black at emc.com, jmpolk at cisco.com
CC: jym at NetBSD.org, tsvwg at ietf.org, rfc-editor at rfc-editor.org
The following errata report has been submitted for RFC6056,
"Recommendations for Transport-Protocol Port Randomization".
--------------------------------------
You may review the report below and at:
http://www.rfc-editor.org/errata_search.php?rfc=6056&eid=3739
--------------------------------------
Type: Technical
Reported by: Jean-Yves Migeon <jym at NetBSD.org>
Section: Appendix A
Original Text
-------------
NetBSD 5.0.1 does not obfuscate its ephemeral port numbers. It
selects ephemeral port numbers from the range 49152-65535, starting
from port 65535, and decreasing the port number for each ephemeral
port number selected [NetBSD].
Corrected Text
--------------
NetBSD 5.0.1 does not obfuscate its ephemeral port numbers. It
selects ephemeral port numbers from the range 49152-65535, starting
from port 65535, and decreasing the port number for each ephemeral
port number selected [NetBSD].
NetBSD 6.0 supports RFC 6056 Algorithms 1, 2, 3, 4 and 5 with port
numbers from the range 49152-65535 as documented in [NetBSD-RFC6056].
Notes
-----
The project implemented the RFC 6056 algorithms last year to obfuscate
the ephemeral port numbers.
[NetBSD-RFC6056] reference is:
The NetBSD Project, "NetBSD Miscellaneous Information Manual -- RFC
6056, Randomization Algorithms", man page - section 7, August 2011.
Instructions:
-------------
This errata is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party (IESG)
can log in to change the status and edit the report, if necessary.
--------------------------------------
RFC6056 (draft-ietf-tsvwg-port-randomization-09)
--------------------------------------
Title : Recommendations for Transport-Protocol Port
Randomization
Publication Date : January 2011
Author(s) : M. Larsen, F. Gont
Category : BEST CURRENT PRACTICE
Source : Transport Area Working Group
Area : Transport
Stream : IETF
Verifying Party : IESG
--
Fernando Gont
e-mail: fernando at gont.com.ar || fgont at si6networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
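
The contrast the erratum draws, as an added example that is not part of the original message or of NetBSD's code: the descending selection quoted for NetBSD 5.0.1 next to RFC 6056 Algorithm 1 (simple port randomization) over the same 49152-65535 range. The names used, the wrap from 49152 back to 65535, and the "previous port minus one" predictability measure are assumptions made for illustration.

```python
import secrets

MIN_EPHEMERAL = 49152
MAX_EPHEMERAL = 65535
NUM_EPHEMERAL = MAX_EPHEMERAL - MIN_EPHEMERAL + 1


class DescendingAllocator:
    """Selection quoted for NetBSD 5.0.1: start at 65535 and count down."""

    def __init__(self):
        self.next_port = MAX_EPHEMERAL

    def allocate(self, in_use):
        for _ in range(NUM_EPHEMERAL):
            port = self.next_port
            # Assumption: wrap to the top of the range after 49152.
            self.next_port = MAX_EPHEMERAL if port == MIN_EPHEMERAL else port - 1
            if port not in in_use:
                return port
        return None  # every port in the range is taken


def algorithm1(in_use):
    """RFC 6056 Algorithm 1: random starting point, then linear search upward."""
    port = MIN_EPHEMERAL + secrets.randbelow(NUM_EPHEMERAL)
    for _ in range(NUM_EPHEMERAL):
        if port not in in_use:
            return port
        port = MIN_EPHEMERAL if port == MAX_EPHEMERAL else port + 1
    return None  # every port in the range is taken


def predictability(allocate, trials=2000):
    """Fraction of selections equal to the previously selected port minus one."""
    in_use = set()  # constructed scenario: each connection closes before the next
    last = allocate(in_use)
    hits = 0
    for _ in range(trials):
        port = allocate(in_use)
        hits += (port == last - 1)
        last = port
    return hits / trials


if __name__ == "__main__":
    print("descending :", predictability(DescendingAllocator().allocate))
    print("algorithm 1:", predictability(algorithm1))
```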