First page Back Continue Last page Summary Graphics

UDP Flood

UDP test services are especially easy to use - automatic query-response behavior (echo, chargen, daytime, and time)
Attack launched with a single packet containing a spoofed source address, resulting in an infinite loop of network traffic
Can be launched between two victims, or between a network of intermediaries and a single victim

Notes:

The UDP protocol is especially useful as a denial-of-service tool. Unlike TCP, UDP is stateless. Flow control mechanisms aren't included. There are no connection state flags. Datagram sequence numbers aren’t used. No information is maintained on which packet is expected next. It’s relatively easy to keep a system so busy responding to incoming UDP probes that no bandwidth is left for legitimate network traffic.

Because UDP services are inherently less secure than TCP services, many sites disable all UDP ports which aren't absolutely necessary. As mentioned earlier, almost all common Internet services are TCP-based.

UDP Flood

UDP test services are especially easy to use - automatic query-response behavior (echo, chargen, daytime, and time)

Attack launched with a single packet containing a spoofed source address, resulting in an infinite loop of network traffic

Can be launched between two victims, or between a network of intermediaries and a single victim

Notes: