Security Basics mailing list archives
Re: Why TCP is more secure than UDP?
From: "Buz Dale" <buz.dale () usg edu>
Date: Wed, 11 Jul 2007 15:18:42 -0400
I'll try and illustrate a security difference. Lets say I have a service called "Echo" that runs on both udp port 7 and tcp port 7 on two machines on my lan (192168.1.1 or "Larry" and 192.168.1.2 or "Curly".) Suppose this service just echoes back any packet I send it. Suppose my tricky friend "Moe" is across the internet at 10.0.0.1 (Oh yeah - and let's also suppose these are not rfc 1918 addresses.) Moe's router and ISP are configured kinda loosely and don't really care about source addresses, just destination. If Moe uses a UDP packet with source 192.168.1.2 and destination 192.168.1.1, his first packet could (if My router configs are a little loose) get that packet to Larry, the content of that packet "SLAP" will get echoed to Curly who will then SLAP Larry who will then SLAP Curly ad inifinitum. Burning network and CPU until noticed. (works well actually with port 19 and Chargen as one of the ports and 7 as the other.) If Moe uses a tcp packet with source 192.168.168.1.2 and a destination of 192.168.1.1. His packet will get to Larry and Larry will try and handshake with Curly who won't have any idea of what's going on and stop the transaction. It's easy for Moe to "spoof" either udp or tcp but the udp packet is more fun for Moe. Luck, Buz On 7/10/07, pal_adam () gmx net <pal_adam () gmx net> wrote:
Hi I dont understand what you mean by spoofing, since wherever you use UDP or TCP the underlying layer still remains IP so when you spoof a source you spoof an IP source. If you talk about a man-in-the-middle attack then taking a closer look at both protocols will show that UDP doesnt establish any connection before starting the communication. Using TCP you`ll need to ACK incomming data using a pre-established sequence number which makes the attack on TCP harder but not impossible. regards Adam Pal -------- Original-Nachricht -------- Datum: 10 Jul 2007 02:11:12 -0000 Von: paavan.shah () gmail com An: security-basics () securityfocus com Betreff: Why TCP is more secure than UDP? > It is said that UDP is considered more vulnerable to spoofing than TCP? > > > Can anyone point me to any document/link which describes TCP is more > secure than UDP -- Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen! Ideal für Modem und ISDN: http://www.gmx.net/de/go/smartsurfer
-- Buz Dale buz.dale () usg edu IT Security Specialist 1-888-875-3697 (In GA) 1-706-583-2005 Office of Information and Instructional Technology University System of Georgia GMT -5:00
Current thread:
- Why TCP is more secure than UDP? paavan . shah (Jul 09)
- RE: Why TCP is more secure than UDP? Uzair Hashmi (Jul 10)
- Re: Why TCP is more secure than UDP? webmaster (Jul 10)
- Re: Why TCP is more secure than UDP? pal_adam (Jul 10)
- RE: Why TCP is more secure than UDP? David Gillett (Jul 11)
- RE: Why TCP is more secure than UDP? Wilfred Smith (Jul 13)
- Re: Why TCP is more secure than UDP? Buz Dale (Jul 11)
- Re[2]: Why TCP is more secure than UDP? Adam Pal (Jul 11)
- RE: Why TCP is more secure than UDP? David Gillett (Jul 11)
- Re: Why TCP is more secure than UDP? Javier Reyna Padilla (Jul 10)
- RE: Why TCP is more secure than UDP? Largacha Lamela, Daniel (Jul 11)
- Shifting to Single Domain, things to worry about! WALI (Jul 11)
- Re: Shifting to Single Domain, things to worry about! Samir Pawaskar (Jul 12)
- Re: Why TCP is more secure than UDP? Jacco (Jul 10)
- RE: Why TCP is more secure than UDP? Goran Pizent (Jul 11)
- Re: Why TCP is more secure than UDP? Alex Cernat (Jul 11)
- RE: Why TCP is more secure than UDP? Yahsodhan Deshpande (Jul 11)
- Re: Why TCP is more secure than UDP? Leszek Jakubowski (Jul 11)
(Thread continues...)