next up previous
Next: DNS Up: Filtering out reflector replies Previous: TCP

UDP

Like IP, UDP is a generic carrier for higher-level protocols [Po80], and by itself does not constitute a reflector threat because there is no inherent ``reply'' mechanism built into UDP reception. As with TCP above, the port numbers in the header may provide for filtering when an attack is based on reflecting off of UDP servers running on well-known ports. The length and checksum fields appear to provide the same traction as for IP, i.e., essentially none.



Vern Paxson
2001-06-26