RFC 6528 on Defending against Sequence Number Attacks
- From: Fernando Gont <fgont@xxxxxxxxxxxxxxx>
- Date: Fri, 03 Feb 2012 01:59:26 -0300
FYI. (the RFC is available at: <http://www.rfc-editor.org/rfc/rfc6528.txt>)
A new Request for Comments is now available in online RFC libraries.
Title: Defending against Sequence Number Attacks
Author: F. Gont, S. Bellovin
Status: Standards Track
Date: February 2012
I-D Tag: draft-ietf-tcpm-rfc1948bis-02.txt
This document specifies an algorithm for the generation of TCP
Initial Sequence Numbers (ISNs), such that the chances of an off-path
attacker guessing the sequence numbers in use by a target connection
are reduced. This document revises (and formally obsoletes) RFC
1948, and takes the ISN generation algorithm originally proposed in
that document to Standards Track, formally updating RFC 793.
This document is a product of the TCP Maintenance and Minor Extensions
Working Group of the IETF.
This is now a Proposed Standard Protocol.
STANDARDS TRACK: This document specifies an Internet standards track
protocol for the Internet community,and requests discussion and suggestions
for improvements. Please refer to the current edition of the Internet
Official Protocol Standards (STD 1) for the standardization state and
status of this protocol. Distribution of this memo is unlimited.
This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
For searching the RFC series, see http://www.rfc-editor.org/rfcsearch.html.
For downloading RFCs, see http://www.rfc-editor.org/rfc.html.
Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@xxxxxxxxxxxxxxx Unless
specifically noted otherwise on the RFC itself, all RFCs are for
- Prev by Date: [SECURITY] [DSA 2403-1] php5 security update
- Next by Date: ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability
- Previous by thread: [SECURITY] [DSA 2403-1] php5 security update
- Next by thread: ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability