[LACNIC/Seguridad] IETF I-D: Port Randomization in the Network Time Protocol Version 4 (Fwd: New Version Notification for draft-ietf-ntp-port-randomization-05.txt)

Fernando Gont fgont en si6networks.com
Dom Jul 26 09:35:11 GMT+3 2020 

FYI,

https://www.ietf.org/internet-drafts/draft-ietf-ntp-port-randomization-05.txt

Reviews siempre bienvenidas.

Slds, y gracias!
Gont Bros.


-------- Forwarded Message --------
Subject: New Version Notification for 
draft-ietf-ntp-port-randomization-05.txt
Date: Sun, 26 Jul 2020 01:19:10 -0700
From: internet-drafts en ietf.org
To: Guillermo Gont <ggont en si6networks.com>, Miroslav Lichvar 
<mlichvar en redhat.com>, Fernando Gont <fgont en si6networks.com>


A new version of I-D, draft-ietf-ntp-port-randomization-05.txt
has been successfully submitted by Fernando Gont and posted to the
IETF repository.

Name:		draft-ietf-ntp-port-randomization
Revision:	05
Title:		Port Randomization in the Network Time Protocol Version 4
Document date:	2020-07-26
Group:		ntp
Pages:		10
URL: 
https://www.ietf.org/internet-drafts/draft-ietf-ntp-port-randomization-05.txt
Status: 
https://datatracker.ietf.org/doc/draft-ietf-ntp-port-randomization/
Htmlized: 
https://tools.ietf.org/html/draft-ietf-ntp-port-randomization-05
Htmlized: 
https://datatracker.ietf.org/doc/html/draft-ietf-ntp-port-randomization
Diff: 
https://www.ietf.org/rfcdiff?url2=draft-ietf-ntp-port-randomization-05

Abstract:
    The Network Time Protocol can operate in several modes.  Some of
    these modes are based on the receipt of unsolicited packets, and
    therefore require the use of a service/well-known port as the local
    port number.  However, in the case of NTP modes where the use of a
    service/well-known port is not required, employing such well-known/
    service port unnecessarily increases the ability of attackers to
    perform blind/off-path attacks.  This document formally updates
    RFC5905, recommending the use of port randomization for those modes
    where use of the NTP service port is not required.

 


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat

Más información sobre la lista de distribución Seguridad