In
computer networking
A computer network is a collection of communicating computers and other devices, such as printers and smart phones. In order to communicate, the computers and devices must be connected by wired media like copper cables, optical fibers, or b ...
, TCP Stealth is a proposed modification of the
Transmission Control Protocol
The Transmission Control Protocol (TCP) is one of the main communications protocol, protocols of the Internet protocol suite. It originated in the initial network implementation in which it complemented the Internet Protocol (IP). Therefore, th ...
(TCP) to hide
open ports of some TCP services from the public, in order to impede
port scans. It is somewhat similar to the
port knocking
In computer networking, port knocking is a method of externally opening ports on a firewall by generating a connection attempt on a set of prespecified closed ports. Once a correct sequence of connection attempts is received, the firewall rules ...
technique.
it is an
IETF Internet Draft specification.
The proposal modifies the TCP
three-way handshake
The Transmission Control Protocol (TCP) is one of the main protocols of the Internet protocol suite. It originated in the initial network implementation in which it complemented the Internet Protocol (IP). Therefore, the entire suite is common ...
by only accepting connections from clients that transmit a
proof of knowledge of a
shared secret
In cryptography, a shared secret is a piece of data, known only to the parties involved, in a secure communication. This usually refers to the key of a symmetric cryptosystem. The shared secret can be a PIN code, a password, a passphrase, a b ...
. If the connection attempt does not use TCP Stealth, or if authentication fails, the server acts as if no service was listening on the port number.
The project and initial
Internet Draft
An Internet Draft (I-D) is a document published by the Internet Engineering Task Force (IETF) containing preliminary technical specifications, results of networking-related research, or other technical information. Often, Internet Drafts are int ...
specification was announced on 15 August 2014,
following the revelations about the
GCHQ
Government Communications Headquarters (GCHQ) is an intelligence and security organisation responsible for providing signals intelligence (SIGINT) and information assurance (IA) to the government and armed forces of the United Kingdom. Primar ...
project
HACIENDA
A ''hacienda'' ( or ; or ) is an estate (or '' finca''), similar to a Roman '' latifundium'', in Spain and the former Spanish Empire. With origins in Andalusia, ''haciendas'' were variously plantations (perhaps including animals or orchards ...
, which uses port scanning to find vulnerable systems for
Five Eyes
The Five Eyes (FVEY) is an Anglosphere intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom, and the United States. These countries are party to the multilateral UKUSA Agreement, a treaty for joint cooperat ...
intelligence agencies.
Technische Universität München
The Technical University of Munich (TUM or TU Munich; ) is a public research university in Munich, Bavaria, Germany. It specializes in engineering, technology, medicine, and applied and natural sciences.
Established in 1868 by King Ludwig II ...
, Jacob Appelbaum
Jacob Appelbaum (born April 1, 1983) is an American independent journalist, computer security researcher, artist, Hacking (innovation), hacker and teacher. Appelbaum, who earned his PhD from the Eindhoven University of Technology, first became not ...
of the Tor Project and Holger Kenn from Microsoft
Microsoft Corporation is an American multinational corporation and technology company, technology conglomerate headquartered in Redmond, Washington. Founded in 1975, the company became influential in the History of personal computers#The ear ...
.
References
External links
Knock
- patches for adding TCP Stealth to Linux and FreeBSD kernels and various applications
Master's thesis about TCP Stealth
TCP extensions
Computer network security
{{network-stub