RFC 6528
Defending against Sequence Number Attacks, February 2012
- File formats:
- Status:
- PROPOSED STANDARD
- Obsoletes:
- RFC 1948
- Obsoleted by:
- RFC 9293
- Updates:
- RFC 793
- Authors:
- F. Gont
S. Bellovin - Stream:
- IETF
- Source:
- tcpm (wit)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC6528
Discuss this RFC: Send questions or comments to the mailing list tcpm@ietf.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 6528
Abstract
This document specifies an algorithm for the generation of TCP Initial Sequence Numbers (ISNs), such that the chances of an off-path attacker guessing the sequence numbers in use by a target connection are reduced. This document revises (and formally obsoletes) RFC 1948, and takes the ISN generation algorithm originally proposed in that document to Standards Track, formally updating RFC 793. [STANDARDS-TRACK]
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.