First page Back Continue Last page Summary Graphics
UDP Flood
UDP test services are especially easy to use - automatic query-response behavior (echo, chargen, daytime, and time)
Attack launched with a single packet containing a spoofed source address, resulting in an infinite loop of network traffic
Can be launched between two victims, or between a network of intermediaries and a single victim
Notes:
The UDP protocol is especially useful as a denial-of-service tool. Unlike TCP, UDP is stateless. Flow control mechanisms aren't included. There are no connection state flags. Datagram sequence numbers arent used. No information is maintained on which packet is expected next. Its relatively easy to keep a system so busy responding to incoming UDP probes that no bandwidth is left for legitimate network traffic.
Because UDP services are inherently less secure than TCP services, many sites disable all UDP ports which aren't absolutely necessary. As mentioned earlier, almost all common Internet services are TCP-based.