Next: DNS
Up: Filtering out reflector replies
Previous: TCP
Like IP, UDP is a generic carrier for higher-level
protocols [Po80], and by itself does not constitute a reflector
threat because there is no inherent ``reply'' mechanism
built into UDP reception. As with TCP above, the port
numbers in the header may provide for filtering when
an attack is based on reflecting off of UDP servers
running on well-known ports. The length and checksum
fields appear to provide the same traction as for IP,
i.e., essentially none.
Vern Paxson
2001-06-26