RFC 6528

Defending against Sequence Number Attacks, February 2012

Canonical URL:
https://www.rfc-editor.org/rfc/rfc6528.txt
File formats:
Plain TextPDF
Status:
PROPOSED STANDARD
Obsoletes:
RFC 1948
Updates:
RFC 793
Authors:
F. Gont
S. Bellovin
Stream:
IETF
Source:
tcpm (tsv)

Cite this RFC: TXT  |  XML

DOI:  http://dx.doi.org/10.17487/RFC6528

Discuss this RFC: Send questions or comments to tcpm@ietf.org

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

This document specifies an algorithm for the generation of TCP Initial Sequence Numbers (ISNs), such that the chances of an off-path attacker guessing the sequence numbers in use by a target connection are reduced. This document revises (and formally obsoletes) RFC 1948, and takes the ISN generation algorithm originally proposed in that document to Standards Track, formally updating RFC 793. [STANDARDS-TRACK]


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader



Search RFCs
Advanced Search
×