RFC 5961

"Improving TCP's Robustness to Blind In-Window Attacks", August 2010

Canonical URL:: http://www.rfc-editor.org/rfc/rfc5961.txt
This document is also available in this non-normative format: PDF.
Status:: PROPOSED STANDARD
Authors:: A. Ramaiah
R. Stewart
M. Dalal
Stream:: IETF
Source:: tcpm (tsv)

Please refer here for any errata for this document. To submit a new errata report, go to the main errata page.

Abstract

TCP has historically been considered to be protected against spoofed off-path packet injection attacks by relying on the fact that it is difficult to guess the 4-tuple (the source and destination IP addresses and the source and destination ports) in combination with the 32-bit sequence number(s). A combination of increasing window sizes and applications using longer-term connections (e.g., H-323 or Border Gateway Protocol (BGP) [STANDARDS-TRACK]

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.

Go to the RFC Editor Homepage.