IETF: Port Randomization

Hal Murray hmurray at megapathdsl.net
Tue Mar 10 07:45:43 UTC 2020


Subject: [Ntp] I-D Action: draft-ietf-ntp-port-randomization-01.txt
From: internet-drafts at ietf.org
Date: Mon, 09 Mar 2020 16:58:43 -0700
To: <i-d-announce at ietf.org>
Cc: ntp at ietf.org

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Network Time Protocol WG of the IETF.

        Title           : Port Randomization in the Network Time Protocol 
Version 4
        Authors         : Fernando Gont
                          Guillermo Gont
                          Miroslav Lichvar
	Filename        : draft-ietf-ntp-port-randomization-01.txt
	Pages           : 10
	Date            : 2020-03-09

Abstract:
   The Network Time Protocol can operate in several modes.  Some of
   these modes are based on the receipt of unsolicited packets, and
   therefore require the use of a service/well-known port as the local
   port number.  However, in the case of NTP modes where the use of a
   service/well-known port is not required, employing such well-known/
   service port unnecessarily increases the ability of attackers to
   perform blind/off-path attacks.  This document formally updates
   RFC5905, recommending the use of port randomization for those modes
   where use of the NTP service port is not required.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-ntp-port-randomization/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-ntp-port-randomization-01
https://datatracker.ietf.org/doc/html/draft-ietf-ntp-port-randomization-01


-- 
These are my opinions.  I hate spam.





More information about the devel mailing list