User Datagram Protocol (UDP)
User Datagram Protocol (UDP) is used for fast messaging, by applications that don't mind if a packet is lost/incorrect. It's
- connection-less đĻ: no prior connection is established
- stateless đ: no information about the session is kept
It's used when speed is more important than quality.
đī¸ Port: N/A
đēī¸ Used by: dhcp
, dig
, dns
...
âī¸ UDP PDUs are called datagrams.
It's not trustworthy:
- đŽ No warranty that the message will be received
- đ No warranty that the message received is correct
- đĨ No warranty that the message are received in the correct order
UDP Header
- 2 bytes for the "source port"
- 2 bytes for the "destination port"
- 2 bytes for the "size of the message"
- 2 bytes for the "checksum of the message"
TCP vulnerabilities
- UDP Checksum Attack
đ An attacker manipulates the checksum allowing tampered packets to by accepted. âĄī¸ Use encryption (IPSec, a VPN...).
- UDP Flood Attack
đ An attacker send many UDP requests to slowdown or overwhelm the target. đĨ DoS âĄī¸ Setup filtering, rate-limiting...