BSDCan Banner
Call for papers

Improving TCP/IP Security Through Randomization Without Sacrificing Interoperability

The TCP/IP protocol suite has become the networking standard of the world, carrying nearly all traffic on the Internet, and a large percentage of traffic on LANs as well. All types of data traverse TCP connections, from the unimportant to the highly confidential. While network layer protocols such as IPsec have been created to add encryption to TCP/IP, they require special configuration and are not generally used except in VPN configurations. The SSL protocol, which sits on top of TCP, has become much more widespread. While SSL can ensure data confidentiality and integrity, it can not ensure the availability of service if the TCP layer below it is disrupted. If implemented according to the original standards, TCP connections can be easily disrupted even by an attacker who is not monitoring the actual traffic of the connection. These blind spoofing attacks are mostly a problem for long-lived connections, such as BGP sessions between routers or SSH/SSL sessions used to remotely administer servers. Tweaks to solve these blind spoofing attacks have been implemented in many operating systems, but many fixes have the problem that they reduce interoperability with other operating systems. This paper demonstrates how interoperability has been harmed by certain TCP changes and discusses better solutions to the problems at hand. The topics of TCP initial sequence numbers, TCP timestamps, IP ID values, and ephemeral port randomization are discussed. The majority of the paper is spent discussing TCP initial sequence numbers, as they are the primary point of attack for blind spoofing. Points of interest include a survey of the initial sequence number generation methods of some popular operating systems, an improvement to RFC 1948, and a proposal for how to use TCP timestamps to increase resistance to spoofing attacks.

speaker: Mike Silbersack

location: SITE H0104

Hotel + Travel
U of O Campus
About Ottawa

Help out!
Contact Us
What is BSD?

BSDCan 2004
BSDCan 2005
BSDCan 2006
BSDCan 2007
BSDCan 2008
BSDCan 2009
BSDCan 2010
BSDCan 2011
BSDCan 2012
BSDCan 2013
BSDCan 2014
BSDCan 2015
BSDCan 2016
BSDCan 2017
BSDCan 2018
BSDCan 2019
BSDCan 2020
Copyright © 2003-2011 BSDCan. All rights reserved.
Valid HTML, and CSS