UDP (User Datagram Protocol) is a simple connectionless transmission model formally defined in RFC 768.
Questions tagged [udp]
92 questions
62
votes
11 answers
Why is TCP more secure than UDP?
While reading MS SDL (Microsoft Security Development Lifecycle) presentations I found a recommendation to replace UDP with TCP in applications because TCP is more secure than UDP. But both of them are only transport layers, nothing more.
So why is…
sluge
- 1,085
- 1
- 10
- 9
10
votes
1 answer
Is HTTPS over UDP secure?
Recently, I notice that while using Google search, I am connecting to Google's server using UDP instead of TCP on both port 80 and port 443. It seems that Google is experimenting with some new technology related to SPDY QUIC or HTTP/2.0.
Since UDP…
Question Overflow
- 5,220
- 6
- 27
- 48
7
votes
2 answers
UDP flood from my machine, or false positive?
The company that hosts my dedicated server has alerted me to what they think is malicious traffic coming from my machine. They supplied me with graphs showing a large amount of UDP traffic coming from the IP address of my machine and another machine…
user51881
6
votes
3 answers
Is QUIC (Quick UDP Internet Connections) safe to allow through firewall?
Our firewall currently blocks QUIC (UDP 443) traffic which seems to be enabled by default in Google Chrome. Is it safe to allow QUIC or should I wait until it is implemented in all the major browsers?
I understand that it's been developed as an…
R. Blueryan
- 81
- 1
- 2
- 6
5
votes
1 answer
What are the mitigating factors for CVE-2015-5364?
CVE-2015-5364 describes a UDP based DoS vulnerability in the Linux kernel that can be used to deny processing cycles to the host operating system and its applications.
https://access.redhat.com/security/cve/CVE-2015-5364
A flaw was found in the way…
Andrew B
- 152
- 5
5
votes
2 answers
How to mitigate UDP flood attacks?
My friend linked me some website where you pay $5.00 / m and get access to a plethora of 'dos stresser' tools that offer udp flooding, and other malicious flooders. It's a web-based system and you just enter in their IP and you're done. It's…
NiCk Newman
- 167
- 1
- 1
- 8
5
votes
1 answer
Is it possible to successfully send a spoofed UDP header with a completely unrelated source IP?
I've read that many networks use ingress/egress filtering to eliminate the number of spoofed UDP packets sent and received by their network.
Given that network provides have been much more diligent in restricting the amount of spoofed UDP packets…
Barkley
- 51
- 2
5
votes
2 answers
How to deal with UDP bandwidth exhaustion DDoS attacks?
I am building a service, which will use UDP. It will run on Amazon AWS - in the firewall they provide, I can block everything except that one UDP port my service will run.
The only thing I'm concerned about is receiving a massive spam of UDP packets…
John Lock
- 93
- 4
5
votes
2 answers
Received UDP packet with IP ID of zero:
I am scanning a host in our network with Nexpose and one of the vulnerabilities reported is
Received UDP packet with IP ID of zero:
IPv4 SRC[10.0.0.5] TGT[127.0.0.1]
TOS[192] TTL[64] Flags[40] Proto[17] ID[0] FragOff[0]
HDR-LENGTH[20]…
LUser
- 824
- 6
- 12
4
votes
1 answer
Is it possible to force client use TCP instead UDP for DNS queries?
Assume I am managing a firewall between DNS server and clients. Is there any way to force clients use TCP rather than UDP, so we can prevent DNS spoof types of DDoS attacks?
ibrahim
- 571
- 3
- 7
- 13
4
votes
2 answers
UDP flood 300 Kbps + SYN probes / other attacks. Flood or DDoS at low rate?
So for over 2 weeks, Im receiving what appears a combination of attacks non-stop 24/7.
First this UDP flood at a strangely small rate of 280 Kbps / 110 pps (360 bytes length)
02:29:41.978484 IP (tos 0x0, ttl 48, id 56020, offset 0, flags [DF], proto…
Jonas
- 81
- 3
4
votes
2 answers
Minimum required processes with open ports on AWS?
I recently started an AWS box to be used for a public web site and it seems to have the following ports open... I was long ago convinced that it's a good idea to minimize the attack surface on any box by shutting down anything not actually needed,…
Gus
- 143
- 5
4
votes
2 answers
Do I have a IP leak if I use Tor and Skype/UDP?
I configure my OS so that it sends all traffic over the Tor (assume that, I configure Tor like proxy).
I use Tor (which does not support UDP) and Skype (which uses UDP).
My questions are:
Does that mean my IP can leak to the skype.com?
Can…
ideloxew
- 497
- 1
- 5
- 16
4
votes
2 answers
Does Hole Punching put added Vulnerability on the Client Side
Websites and servers frequently get hacked when a vulnerability is present in the server side code. Does UDP or TCP hole punching put that risk onto the users of the application when the connections become peer to peer?
Take for example the clearly…
rp.beltran
- 143
- 5
3
votes
2 answers
DNS Server Recursive Query Cache Poisoning Weakness "Bounce DoS"
Tenable Nessus states that if there is a DNS Server Recursive Query Cache Poisoning Weakness the host allows recursive queries via UDP, then the host can be used to 'bounce' Denial of Service attacks against another network or system.
What is a…
user80761
- 31
- 1
- 3