Comments on selecting ephemeral ports

Careless selection of the ephemeral port number portion of a transport protocol's connection identifier has been shown to potentially degrade security by opening the connection up to injection attacks from "blind" or "off path" attackers--or, attackers that cannot directly observe the connection. This short paper empirically explores a number of algorithms… CONTINUE READING