{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:35:05Z","timestamp":1750307705993,"version":"3.41.0"},"reference-count":14,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2009,3,31]],"date-time":"2009-03-31T00:00:00Z","timestamp":1238457600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["SIGCOMM Comput. Commun. Rev."],"published-print":{"date-parts":[[2009,3,31]]},"abstract":"<jats:p>Careless selection of the ephemeral port number portion of a transport protocol's connection identifier has been shown to potentially degrade security by opening the connection up to injection attacks from \"blind\" or \"off path\" attackers--or, attackers that cannot directly observe the connection. This short paper empirically explores a number of algorithms for choosing the ephemeral port number that attempt to obscure the choice from such attackers and hence make mounting these blind attacks more difficult.<\/jats:p>","DOI":"10.1145\/1517480.1517483","type":"journal-article","created":{"date-parts":[[2009,4,6]],"date-time":"2009-04-06T16:34:22Z","timestamp":1239035662000},"page":"13-19","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["Comments on selecting ephemeral ports"],"prefix":"10.1145","volume":"39","author":[{"given":"Mark","family":"Allman","sequence":"first","affiliation":[{"name":"International Computer Science Institute, Berkeley, CA, USA"}]}],"member":"320","published-online":{"date-parts":[[2009,3,31]]},"reference":[{"key":"e_1_2_1_1_1","volume-title":"RFC","author":"Bellovin S.","year":"1948","unstructured":"S. Bellovin . Defending Against Sequence Number Attacks, May 1996 . RFC 1948 . S. Bellovin. Defending Against Sequence Number Attacks, May 1996. RFC 1948."},{"key":"e_1_2_1_2_1","volume-title":"May","author":"Braden R.","year":"1992","unstructured":"R. Braden . TIME-WAIT Assassination Hazards in TCP , May 1992 . RFC 1337. R. Braden. TIME-WAIT Assassination Hazards in TCP, May 1992. RFC 1337."},{"key":"e_1_2_1_3_1","volume-title":"Oct.","author":"Gont F.","year":"2008","unstructured":"F. Gont . On the Generation of TCP Timestamps , Oct. 2008 . Internet-Draft draft-gont-tcpm-tcp-timestamps-00.txt (work in progress). F. Gont. On the Generation of TCP Timestamps, Oct. 2008. Internet-Draft draft-gont-tcpm-tcp-timestamps-00.txt (work in progress)."},{"key":"e_1_2_1_4_1","volume-title":"Aug.","author":"Heffernan A.","year":"1998","unstructured":"A. Heffernan . Protection of BGP Sessions via the TCP MD5 Signature Option , Aug. 1998 . RFC 2385. A. Heffernan. Protection of BGP Sessions via the TCP MD5 Signature Option, Aug. 1998. RFC 2385."},{"key":"e_1_2_1_5_1","first-page":"4301","author":"Kent S.","year":"2005","unstructured":"S. Kent and K. Seo . Security Architecture for the Internet Protocol , Dec. 2005 . RFC 4301 . S. Kent and K. Seo. Security Architecture for the Internet Protocol, Dec. 2005. RFC 4301.","journal-title":"Security Architecture for the Internet Protocol"},{"key":"e_1_2_1_6_1","volume-title":"Aug.","author":"Larsen M.","year":"2008","unstructured":"M. Larsen and F. Gont . Port Randomization , Aug. 2008 . Internet-Draft draft-ietf-tsvwg-port-randomization-02.txt (work in progress). M. Larsen and F. Gont. Port Randomization, Aug. 2008. Internet-Draft draft-ietf-tsvwg-port-randomization-02.txt (work in progress)."},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1016\/S1389-1286(99)00112-7"},{"key":"e_1_2_1_8_1","volume-title":"Sept.","author":"Postel J.","year":"1981","unstructured":"J. Postel . Transmission Control Protocol , Sept. 1981 . RFC 793. J. Postel. Transmission Control Protocol, Sept. 1981. RFC 793."},{"key":"e_1_2_1_9_1","volume-title":"Nov.","author":"Ramaiah A.","year":"2008","unstructured":"A. Ramaiah , R. Stewart , and M. Dalal . Improving TCP's Robustness to Blind In-Window Attacks , Nov. 2008 . Internet-Draft draft-ietf-tcpm-tcpsecure-11.txt (work in progress). A. Ramaiah, R. Stewart, and M. Dalal. Improving TCP's Robustness to Blind In-Window Attacks, Nov. 2008. Internet-Draft draft-ietf-tcpm-tcpsecure-11.txt (work in progress)."},{"key":"e_1_2_1_10_1","volume-title":"July","author":"Ramaiah A.","year":"2008","unstructured":"A. Ramaiah and P. Tate . Effects of Port Randomization With TCP TIME-WAIT State , July 2008 . Internet-Draft draft-ananth-tsvwg-timewait-00.txt (work in progress). A. Ramaiah and P. Tate. Effects of Port Randomization With TCP TIME-WAIT State, July 2008. Internet-Draft draft-ananth-tsvwg-timewait-00.txt (work in progress)."},{"key":"e_1_2_1_11_1","volume-title":"Apr.","author":"Rivest R.","year":"1992","unstructured":"R. Rivest . The MD5 Message-Digest Algorithm , Apr. 1992 . RFC 1321. R. Rivest. The MD5 Message-Digest Algorithm, Apr. 1992. RFC 1321."},{"key":"e_1_2_1_12_1","volume-title":"July","author":"Touch J.","year":"2007","unstructured":"J. Touch . Defending TCP Against Spoofing Attacks , July 2007 . RFC 4953. J. Touch. Defending TCP Against Spoofing Attacks, July 2007. RFC 4953."},{"key":"e_1_2_1_13_1","volume-title":"Nov.","author":"Touch J.","year":"2008","unstructured":"J. Touch , A. Mankin , and R. Bonica . The TCP Authentication Option , Nov. 2008 . Internet-Draft draft-ietf-tcpm-tcp-auth-opt-02.txt (work in progress). J. Touch, A. Mankin, and R. Bonica. The TCP Authentication Option, Nov. 2008. Internet-Draft draft-ietf-tcpm-tcp-auth-opt-02.txt (work in progress)."},{"key":"e_1_2_1_14_1","volume-title":"CanSecWest","author":"Watson P.","year":"2004","unstructured":"P. Watson . Slipping in the Window: TCP Reset Attacks . In CanSecWest , 2004 . P. Watson. Slipping in the Window: TCP Reset Attacks. In CanSecWest, 2004."}],"container-title":["ACM SIGCOMM Computer Communication Review"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1517480.1517483","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1517480.1517483","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T13:30:06Z","timestamp":1750253406000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1517480.1517483"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009,3,31]]},"references-count":14,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2009,3,31]]}},"alternative-id":["10.1145\/1517480.1517483"],"URL":"https:\/\/doi.org\/10.1145\/1517480.1517483","relation":{},"ISSN":["0146-4833"],"issn-type":[{"type":"print","value":"0146-4833"}],"subject":[],"published":{"date-parts":[[2009,3,31]]},"assertion":[{"value":"2009-03-31","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}