From: Fernando Gont <fernando(_dot_)gont(_at_)gmail(_dot_)com>
Date: February 12, 2009 5:38:35 PM EST
To: bugtraq(_at_)securityfocus(_dot_)com,
full-disclosure(_at_)lists(_dot_)grok(_dot_)org(_dot_)uk
Subject: Security Assessment of the Transmission Control Protocol
(TCP)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hello, folks,
The United Kingdom's Centre for the Protection of National
Infrastructure has just released the document "Security Assessment of
the Transmission Control Protocol (TCP)", on which I have had the
pleasure to work during the last few years.
The motivation to produce this document is explained in the Preface of
the document as follows:
- ---- cut here ----
The TCP/IP protocol suite was conceived in an environment that was
quite
different from the hostile environment they currently operate in.
However, the effectiveness of the protocols led to their early
adoption
in production environments, to the point that to some extent, the
current world?s economy depends on them.
While many textbooks and articles have created the myth that the
Internet protocols were designed for warfare environments, the top
level
goal for the DARPA Internet Program was the sharing of large service
machines on the ARPANET. As a result, many protocol specifications
focus
only on the operational aspects of the protocols they specify, and
overlook their security implications.
While the Internet technology evolved since it early inception, the
Internet?s building blocks are basically the same core protocols
adopted
by the ARPANET more than two decades ago.
During the last twenty years, many vulnerabilities have been
identified
in the TCP/IP stacks of a number of systems. Some of them were based
on
flaws in some protocol implementations, affecting only a reduced
number
of systems, while others were based in flaws in the protocols
themselves, affecting virtually every existing implementation. Even in
the last couple of years, researchers were still working on security
problems in the core protocols.
The discovery of vulnerabilities in the TCP/IP protocol suite usually
led to reports being published by a number of CSIRTs (Computer
Security
Incident Response Teams) and vendors, which helped to raise awareness
about the threats and the best mitigations known at the time the
reports
were published. Unfortunately, this also led to the documentation of
the
discovered protocol vulnerabilities being spread among a large
number of
documents, which are sometimes difficult to identify.
For some reason, much of the effort of the security community on the
Internet protocols did not result in official documents (RFCs) being
issued by the IETF (Internet Engineering Task Force). This basically
led
to a situation in which ?known? security problems have not always
been addressed by all vendors. In addition, in many cases vendors have
implemented quick ?fixes? to the identified vulnerabilities without a
careful analysis of their effectiveness and their impact on
interoperability.
Producing a secure TCP/IP implementation nowadays is a very difficult
task, in part because of the lack of a single document that serves
as a
security roadmap for the protocols. Implementers are faced with the
hard
task of identifying relevant documentation and differentiating between
that which provides correct advice, and that which provides misleading
advice based on inaccurate or wrong assumptions.
There is a clear need for a companion document to the IETF
specifications that discusses the security aspects and implications of
the protocols, identifies the existing vulnerabilities, discusses the
possible countermeasures, and analyses their respective effectiveness.
This document is the result of a security assessment of the IETF
specifications of the Transmission Control Protocol (TCP), from a
security point of view. Possible threats are identified and, where
possible, countermeasures are proposed. Additionally, many
implementation flaws that have led to security vulnerabilities have
been
referenced in the hope that future implementations will not incur the
same problems.
This document does not aim to be the final word on the security
aspects
of TCP. On the contrary, it aims to raise awareness about a number of
TCP vulnerabilities that have been faced in the past, those that are
currently being faced, and some of those that we may still
have to deal with in the future.
Feedback from the community is more than encouraged to help this
document be as accurate as possible and to keep it updated as new
vulnerabilities are discovered.
- ---- cut here ----
The document is available at CPNI's web site:
http://www.cpni.gov.uk/Products/technicalnotes/Feb-09-security-assessment-TCP.aspx
Additionally, I have posted a copy of the document on my personal web
site: http://www.gont.com.ar
Any comments will be more than welcome.
Kind regards,
- --
Fernando Gont
e-mail: fernando(_at_)gont(_dot_)com(_dot_)ar || fgont(_at_)acm(_dot_)org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQEcBAEBCAAGBQJJlKTFAAoJEJbuqe/Qdv/xbBgH/0CRAO7VttW8IlSs6ocKl8Xi
pQkuUZOKAZrkok0T4GOkRPBmIv+5K8ZQT8hBBdTL6TOdZ+LOIHvmwpOMRqosijbm
+KXTuHYws/zVbReCZXdYFhHfxRUn75G9s0mafNRpkiQV07hoHpD38UcGJYUnQXNy
7uuV3HXJDENgE0L8pAK8HhgNKlX3clcV3sBJEzHMsvVVT1Jh1XsS+krAD7JguN95
nhjOTcTp1Ggq+F6wqucm9Kf193O78REEz/FGeaoPGSDfzD0EBGg4IG1qu6Bo3e++
ALLEOhARQJ0l12dC+84N0/mrGBSe45pUbMddT6xZzDXa6INcmTE6dc1VSQL8EAo=
=IVlY
-----END PGP SIGNATURE-----