Port randomization

Hal Murray hmurray at megapathdsl.net
Fri May 29 09:44:43 UTC 2020

We should do this.  It's not trivial.  Doing it involves reworking the code is 
a good way.

Subject: [Ntp] I-D Action: draft-ietf-ntp-port-randomization-03.txt
From: internet-drafts at ietf.org
Date: Fri, 29 May 2020 00:13:38 -0700
To: <i-d-announce at ietf.org>
Cc: ntp at ietf.org

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Network Time Protocol WG of the IETF.

        Title           : Port Randomization in the Network Time Protocol 
Version 4
        Authors         : Fernando Gont
                          Guillermo Gont
                          Miroslav Lichvar
	Filename        : draft-ietf-ntp-port-randomization-03.txt
	Pages           : 10
	Date            : 2020-05-28

   The Network Time Protocol can operate in several modes.  Some of
   these modes are based on the receipt of unsolicited packets, and
   therefore require the use of a service/well-known port as the local
   port number.  However, in the case of NTP modes where the use of a
   service/well-known port is not required, employing such well-known/
   service port unnecessarily increases the ability of attackers to
   perform blind/off-path attacks.  This document formally updates
   RFC5905, recommending the use of port randomization for those modes
   where use of the NTP service port is not required.

The IETF datatracker status page for this draft is:

There are also htmlized versions available at:

A diff from the previous version is available at:

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:

ntp mailing list
ntp at ietf.org

These are my opinions.  I hate spam.

More information about the devel mailing list