Security Basics mailing list archives

Re: Why TCP is more secure than UDP?

From: Leszek Jakubowski <leszek.jakubowski () gmail com>
Date: Tue, 10 Jul 2007 12:34:03 +0200

paavan.shah () gmail com wrote:

It is said that UDP is considered more vulnerable to spoofing than TCP?


Can anyone point me to any document/link which describes TCP is more secure than UDP

Well the RFCs for starters. With TCP each side has to receive at least
one packet during the handshake. In UDP you can send data without having
to receive any, so there's no need to setup a route back to you (you can
blind spoof). Also there is no sequence numbers because in UDP there is
no connection (you just send chunks of data) so injecting data into a
conversation is based on the first-the best rule. However most ISPs
filter out (or don't they?) UDP packets with source addresses that are
not theirs.

-- 
Leszek Jakubowski

Current thread:

Re: Why TCP is more secure than UDP?, (continued)
- - Re: Why TCP is more secure than UDP? Buz Dale (Jul 11)
    - Re[2]: Why TCP is more secure than UDP? Adam Pal (Jul 11)
- Re: Why TCP is more secure than UDP? Javier Reyna Padilla (Jul 10)
  - RE: Why TCP is more secure than UDP? Largacha Lamela, Daniel (Jul 11)
  - Shifting to Single Domain, things to worry about! WALI (Jul 11)
    - Re: Shifting to Single Domain, things to worry about! Samir Pawaskar (Jul 12)
- Re: Why TCP is more secure than UDP? Jacco (Jul 10)
- RE: Why TCP is more secure than UDP? Goran Pizent (Jul 11)
- Re: Why TCP is more secure than UDP? Alex Cernat (Jul 11)
- RE: Why TCP is more secure than UDP? Yahsodhan Deshpande (Jul 11)
- Re: Why TCP is more secure than UDP? Leszek Jakubowski (Jul 11)
- Re: Why TCP is more secure than UDP? krymson (Jul 10)
- Re: Why TCP is more secure than UDP? levinson_k (Jul 11)
  - RE: Why TCP is more secure than UDP? Dave Koontz (Jul 12)