Security Basics mailing list archives
Re: Why TCP is more secure than UDP?
From: Alex Cernat <alexutzu () cernat ro>
Date: Tue, 10 Jul 2007 12:08:33 +0300
paavan.shah () gmail com wrote:
> It is said that UDP is considered more vulnerable to spoofing than TCP? Can anyone point me to any document/link which describes TCP is more secure than UDP

The main difference between TCP and UDP is that UDP is a 'connectionless' protocol. As you probably know, when you want to communicate on TCP, you open a connection, a stream of data. The TCP layer knows how to deliver the data in the right order (even if at the IP layer the packets get scrambled and come by multiple routes and in multiple orders). Of course, if a packet is lost and no retransmission is successful, the connection is considered broken and the stream is closed. TCP has some ways of protection, like the tcp window, random generation of tcp connection codes (in syn and syn/ack packets) and so on (this is general culture, I'm not a guru in tcp/ip).

UDP is a connectionless protocol. That means that there is no 'stream' of data defined, and you send packet by packet (in fact group of bytes by group of bytes), and there is no guarantee that the destination will ever receive that data (and in case of error, there is no error message at the protocol level). Sure, anyone can ask: what the hell was this protocol invented for? Well, there aren't many programs/protocols which use UDP (better said - 'normal' programs), but UDP is being used in application protocols like NFS, VoIP, and many others. Why? Because sometimes it doesn't matter if some packets are lost on the way (like VoIP, there is no use in retransmission, because it will be too late). Or like in NFS (better said in old NFS, in v4 I believe it is working with TCP), they've implemented an ack algorithm at application level. So, they say it's faster than a similar implementation on TCP. No comment.

So, as a conclusion, TCP may be a little more secure than UDP. But the most important thing, if you want a secure connection, is not to rely on those simple protocols, and use some SSL/TLS or other encryption system. If someone can break a tcp/udp connection, and flood it with some garbage packets (remember Mitnick?), it's almost impossible (unless you are from NSA or something, in which case we can say "it's very hard") to break an encryption layer without anyone seeing.

Alex
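
The post above mentions the random values TCP exchanges in SYN and SYN/ACK packets and the application-level acknowledgements that UDP protocols add themselves. The following is an added example, not part of the original message: a UDP service that only accepts data after the sender echoes a cookie that was sent to its claimed source address. The `HELLO`/`COOKIE`/`DATA` message names, the 8-byte cookie and the 30-second window are assumptions made for illustration, and the addresses are constructed sample values.

```python
import hashlib
import hmac
import os
import struct
import time

SECRET = os.urandom(32)  # server-side key, generated per run (constructed)
WINDOW = 30              # seconds a cookie stays valid (assumed value)


def make_cookie(addr, port, now=None):
    """Stateless token bound to the claimed source address and a time slot."""
    slot = int((time.time() if now is None else now) // WINDOW)
    ip = bytes(int(octet) for octet in addr.split("."))
    msg = struct.pack("!4sHQ", ip, port, slot)
    return hmac.new(SECRET, msg, hashlib.sha256).digest()[:8]


def check_cookie(cookie, addr, port, now=None):
    """Accept a cookie issued in the current or the previous time slot."""
    now = time.time() if now is None else now
    return any(
        hmac.compare_digest(cookie, make_cookie(addr, port, now - age))
        for age in (0, WINDOW)
    )


def handle_datagram(src, payload, now=None):
    """src is the (ip, port) claimed in the packet header, which UDP
    itself never verifies. Returns (action, bytes)."""
    if payload.startswith(b"HELLO"):
        # The reply travels to the claimed source, so only a host that
        # really receives traffic at that address learns the cookie.
        # This plays the role of the random number in TCP's SYN/ACK.
        return "challenge", b"COOKIE" + make_cookie(*src, now=now)
    if payload.startswith(b"DATA") and len(payload) >= 12:
        cookie, body = payload[4:12], payload[12:]
        if check_cookie(cookie, *src, now=now):
            return "accept", body
    # No cookie, wrong cookie, or expired cookie: treat as unverified.
    return "drop", b""
```

This only shows that the sender can receive at the address it claims, which is the property the TCP handshake gives; it does not encrypt or authenticate the data, which is where the post's advice to use SSL/TLS applies.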