{{Short description|Proposed modification of the Transmission Control Protocol}}
In computer networking, '''TCP Stealth''' is a proposed modification of the Transmission Control Protocol (TCP) to hide open ports of some TCP services from the public, in order to impede port scans. It is somewhat similar to the port knocking technique.<ref name=gigaom>{{cite news |author=David Meyer |date=15 August 2014 |title=New "TCP Stealth" tool aims to help sysadmins block spies from exploiting their systems |publisher=GigaOM |url=https://gigaom.com/2014/08/15/new-tcp-stealth-tool-aims-to-help-sysadmins-block-spies-from-exploiting-their-systems/ |archive-url=https://web.archive.org/web/20140817074242/http://gigaom.com/2014/08/15/new-tcp-stealth-tool-aims-to-help-sysadmins-block-spies-from-exploiting-their-systems/ |url-status=dead |archive-date=August 17, 2014 }}</ref><ref name=bgr>{{cite news |date=18 August 2014 |title=TCP Stealth software prevents cyber attacks |publisher=BGR Media |url=http://www.bgr.in/news/tcp-stealth-software-prevents-cyber-attacks/ }}</ref> {{As of|2015|05}} it is an IETF Internet Draft specification.<ref name=ietf>{{cite IETF |date=17 January 2015 |title=TCP Stealth |draft=draft-kirsch-ietf-tcp-stealth-01 }}</ref>
The proposal modifies the TCP three-way handshake by only accepting connections from clients that transmit a proof of knowledge of a shared secret. If the connection attempt does not use TCP Stealth, or if authentication fails, the server acts as if no service was listening on the port number.<ref name=tum>{{cite news |date=15 August 2014 |title=TUM researchers develop defense software "TCP Stealth" |publisher=Technische Universität München |url=https://www.tum.de/en/about-tum/news/press-releases/short/article/31740/ }}</ref>
The project and initial Internet Draft specification was announced on 15 August 2014,<ref name=ietf /> following the revelations about the GCHQ project HACIENDA, which uses port scanning to find vulnerable systems for Five Eyes intelligence agencies.<ref name=gigaom/><ref name=heise>{{cite web |date=15 August 2014 |title=NSA/GCHQ: The HACIENDA Program for Internet Colonization |url=http://www.heise.de/ct/artikel/NSA-GCHQ-The-HACIENDA-Program-for-Internet-Colonization-2292681.html?hg=1&hgi=4&hgf=false }}</ref> The draft was written by researchers from the Technische Universität München, Jacob Appelbaum of the Tor Project and Holger Kenn from Microsoft.
==References== {{Reflist}}
==External links== * [https://gnunet.org/knock Knock] {{Webarchive|url=https://web.archive.org/web/20180321201209/https://gnunet.org/knock |date=2018-03-21 }} - patches for adding TCP Stealth to Linux and FreeBSD kernels and various applications * [https://gnunet.org/kirsch2014knock Master's thesis about TCP Stealth] {{Webarchive|url=https://web.archive.org/web/20171019200558/https://gnunet.org/kirsch2014knock |date=2017-10-19 }}
Category:TCP extensions Category:Computer network security
{{network-stub}}