h
p
i
ng
wiki
HOME
-
RECENT CHANGES
-
CONTACTS
-
DOWNLOAD
-
ANTIREZ
-
TCL BOOK
Differences for page
UDP
Current version compared with version
Sun May 30 09:31:30 GMT 2004
...
The following is the old page content
*User Datagram Protocol* ([link http://ietf.org/rfc/rfc0768.txt RFC768]). The UDP protocol is very similar to the [IP] itself, because it's just able to send datagrams from an host to another, without to try to make the link reliable. As [IP], [UDP] datagrams can get lost, duplicated, or delivered out of order. Protocols using [UDP] that need to be reliable have to implement retrasmission after a timeout on top of [UDP]. For instance the [DNS] protocol, that implements a request/reply protocol on top of [UDP] retry to send the query after some time if no response was received from the [DNS] server. The main abstraction that [UDP] adds to [IP] is the concept of [port]. With [IP address]es it's possible to send data to a specific host, but with [port]s it's possible to send data to a specific process of a specific host. ===UDP header=== [img udp-hdr.png] This is the C structure for the UDP header: struct udphdr { __u16 source; __u16 dest; __u16 len; __u16 check; }; ===IP spoofing and UDP=== Being [UDP] a datagram protocol there is no state, different UDP packets are not about the same connection. If the application level protocol is not designed for security it's often very simple to do [spoofing] against protocols implemented on top of [UDP]: it's as simple as to do spoofing with [IP] itself, the destination host can't tell what's the real source of the packet, there is nothing of similar to the [TCP] sequence numbers (that often the attacker can't guess, so it's not able to forge a valid packet). ===See also=== [IP], [TCP], [ICMP]
Copyright (C) 2004 Salvatore Sanfilippo - Powered by
YakuWiki
and
Tcl/Tk