[ntp:security] Fwd: New I-D: NTP Port Randomization (draft-gont-ntp-port-randomization-00.txt)

Fernando Gont fgont at si6networks.com
Tue Apr 16 21:56:32 UTC 2019


Folks,

No rush, but you may be interested.

Thanks!
Fernando




-------- Forwarded Message --------
Subject: New I-D: NTP Port Randomization
(draft-gont-ntp-port-randomization-00.txt)
Date: Tue, 16 Apr 2019 23:19:27 +0200
From: Fernando Gont <fgont at si6networks.com>
To: ntp at ietf.org

Folks,

We have published a new I-D (draft-gont-ntp-port-randomization),
entitled "Port Randomization in the Network Time Protocol Version 4".

The I-D is available at:
https://www.ietf.org/internet-drafts/draft-gont-ntp-port-randomization-00.txt

Your comments will be very appreciated.

Thanks,
Fernando




-------- Forwarded Message --------
Subject: New Version Notification for
draft-gont-ntp-port-randomization-00.txt
Date: Tue, 16 Apr 2019 14:16:14 -0700
From: internet-drafts at ietf.org
To: Fernando Gont <fgont at si6networks.com>, Guillermo Gont
<ggont at si6networks.com>


A new version of I-D, draft-gont-ntp-port-randomization-00.txt
has been successfully submitted by Fernando Gont and posted to the
IETF repository.

Name:		draft-gont-ntp-port-randomization
Revision:	00
Title:		Port Randomization in the Network Time Protocol Version 4
Document date:	2019-04-16
Group:		Individual Submission
Pages:		5
URL:
https://www.ietf.org/internet-drafts/draft-gont-ntp-port-randomization-00.txt
Status:
https://datatracker.ietf.org/doc/draft-gont-ntp-port-randomization/
Htmlized:
https://tools.ietf.org/html/draft-gont-ntp-port-randomization-00
Htmlized:
https://datatracker.ietf.org/doc/html/draft-gont-ntp-port-randomization


Abstract:
   The Network Time Protocol can operate in several modes.  Some of
   these modes are based on the receipt of unsolicited packets, and
   therefore require the use of a service/well-known port as the local
   port number.  However, in the case of NTP modes where the use of a
   service/well-known port is not required, employing such well-known/
   service port unnecessarily increases the ability of attackers to
   perform blind/off-path attacks, since knowledge of such port number
   is typically required for such attacks.  This document formally
   updates RFC5905, recommending the use of port randomization for those
   modes where use of the NTP service port is not required.




Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat
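
Added example, not part of the forwarded messages or of the draft: a minimal client-mode (mode 3) exchange that uses a fresh OS-assigned local port per request instead of the service port 123, and accepts a reply only if it comes from the queried address and echoes the request's transmit timestamp. The function names, the random transmit timestamp and the loopback stand-in server are assumptions made for illustration.

```python
import os
import socket
import threading

NTP_PORT = 123      # service port; deliberately NOT used as the client's local port
CLIENT_V4 = 0x23    # first header byte: LI=0, VN=4, Mode=3 (client)
SERVER_V4 = 0x24    # first header byte: LI=0, VN=4, Mode=4 (server)

def build_request():
    """Return (packet, xmt): a 48-byte mode 3 request and its transmit timestamp."""
    xmt = os.urandom(8)  # assumption: random value in place of a real timestamp
    return bytes([CLIENT_V4]) + bytes(39) + xmt, xmt

def accept_reply(data, src, server, xmt):
    """True only for a mode 4 reply from `server` whose origin timestamp equals xmt."""
    return (src == server and len(data) >= 48
            and data[0] & 0x07 == 4 and data[24:32] == xmt)

def query(server, timeout=2.0):
    """One client-mode exchange on a fresh socket; returns (local_port, accepted)."""
    pkt, xmt = build_request()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        # Port 0 asks the OS for an ephemeral port; how unpredictable that
        # choice is depends on the OS's port selection algorithm.
        s.bind(("", 0))
        s.settimeout(timeout)
        s.sendto(pkt, server)
        local_port = s.getsockname()[1]
        try:
            data, src = s.recvfrom(512)
        except socket.timeout:
            return local_port, False
        return local_port, accept_reply(data, src, server, xmt)

def loopback_responder():
    """Constructed stand-in server on 127.0.0.1 (ephemeral port, no privileges needed)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))
    def serve():
        while True:
            data, peer = srv.recvfrom(512)
            # Copy the client's transmit timestamp (bytes 40-47) into origin (24-31).
            srv.sendto(bytes([SERVER_V4]) + bytes(23) + data[40:48] + bytes(16), peer)
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()

if __name__ == "__main__":
    server = loopback_responder()
    print([query(server) for _ in range(3)])  # a different local port per request
```

With the local port fixed at 123, an off-path sender already knows the full address/port tuple of the exchange; with a per-request ephemeral port, a forged reply must also match the local port before the timestamp check is even reached.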



