hping wiki



User Datagram Protocol (RFC768). The UDP protocol is very similar to the IP itself, because it's just able to send datagrams from an host to another, without to try to make the link reliable. As IP, UDP datagrams can get lost, duplicated, or delivered out of order. Protocols using UDP that need to be reliable have to implement retrasmission after a timeout on top of UDP. For instance the DNS protocol, that implements a request/reply protocol on top of UDP retry to send the query after some time if no response was received from the DNS server.
The main abstraction that UDP adds to IP is the concept of port. With IP addresses it's possible to send data to a specific host, but with ports it's possible to send data to a specific process of a specific host.
UDP header

This is the C structure for the UDP header:
struct udphdr {
        __u16   source;
        __u16   dest;
        __u16   len;
        __u16   check;
};

IP spoofing and UDP

Being UDP a datagram protocol there is no state, different UDP packets are not about the same connection. If the application level protocol is not designed for security it's often very simple to do spoofing against protocols implemented on top of UDP: it's as simple as to do spoofing with IP itself, the destination host can't tell what's the real source of the packet, there is nothing of similar to the TCP sequence numbers (that often the attacker can't guess, so it's not able to forge a valid packet).
See also
IP, TCP, ICMP
 
Attached files
udp-hdr.png702 bytesTue Jan 26 13:15:05 GMT 2010remove file
Edit this page Upload file Page history - Page last update: Tue Oct 05 09:50:03 GMT 2004 by 82.49.49.143 | Your address: 54.166.146.212 | Admin