Comments on Selecting Ephemeral Ports

Mark Allman
Appears in: 
CCR April 2009

Careless selection of the ephemeral port number portion of a transport protocol’s connection identifier has been shown to potentially degrade security by opening the connection up to injection attacks from “blind” or “off path” attackers—or, attackers that cannot directly observe the connection. This short paper empirically explores a number of algorithms for choosing the ephemeral port number that attempt to obscure the choice from such attackers and hence make mounting these blind attacks more difficult.

Public Review By: 
Kevin Almeroth

The author describes an algorithm to select “ephemeral ports,” those ports on the client side of a transport session. Instead of using an easily predicted method, which has the disadvantage of being more suceptible to injection attacks, the author evaluates a set different algorithms for port selection (the last one is a newly proposed algorithm) and compares their performance in terms of how quickly they can establish connections without port number collisions.
Overall, the paper is quite good and brings awareness to a problem and a corresponding set of solutions having widespread relevance. The best part is, once the author describes the problem, the evaluation is thorough and rigorous, in particular, the author does a good job considering the impact of NATs.
The real challenge is whether the problem addressed by the paper requires any significant new creative contribution, or whether it is a simple matter of a straightforward problem with a straightforward solution. Further, given the paper’s discussion of cryptography as a way of protecting data within the transport session, how easy is it to inject false data? Is better ephemeral port selection really the best way to solve the problem?