Security Basics mailing list archives
Re[2]: Why TCP is more secure than UDP?
From: Adam Pal <pal_adam () gmx net>
Date: Wed, 11 Jul 2007 22:13:09 +0200
Hello Buz,

Thank you for your details. What you describe looks to me like some land or smurf-attack. Let me go on...

i) using the conf. you describe, if I understand you well, even 1 legitimate ECHO will start some pending of packets.
ii) as you describe it is for me a M-I-T-M attack where you basically spoof an IP

The point that you use TCP or UDP doesn't really matter, because as I mentioned, the only thing which makes TCP harder to break is the pre-established connection with the seq-number. Taking this into consideration, if Moe sniffs the traffic he can hijack the TCP-Session or try to guess the seq-nr. But as I mentioned, we don't spoof here TCP or UDP, we basically spoof an IP and start a man in the middle (M-I-T-M) attack on the respective protocol.

--
Best regards,
Adam Pal

P.S. Considering your scenario, if the router is configured not to accept inbound traffic with rfc-1918 source-addresses everything is ok. From that point of view it can be also a weakness of the router conf. more than a weakness of the protocol? :)

Wednesday, July 11, 2007, 9:18:42 PM, you wrote:

<==============Original message text===============
BD> I'll try and illustrate a security difference. Let's say I have a
BD> service called "Echo" that runs on both udp port 7 and tcp port 7 on
BD> two machines on my lan (192168.1.1 or "Larry" and 192.168.1.2 or
BD> "Curly".) Suppose this service just echoes back any packet I send it.
BD> Suppose my tricky friend "Moe" is across the internet at 10.0.0.1 (Oh
BD> yeah - and let's also suppose these are not rfc 1918 addresses.) Moe's
BD> router and ISP are configured kinda loosely and don't really care
BD> about source addresses, just destination.
BD> If Moe uses a UDP packet with source 192.168.1.2 and destination
BD> 192.168.1.1, his first packet could (if my router configs are a
BD> little loose) get that packet to Larry, the content of that packet
BD> "SLAP" will get echoed to Curly who will then SLAP Larry who will
BD> then SLAP Curly ad infinitum. Burning network and CPU until noticed.
BD> (works well actually with port 19 and Chargen as one of the ports and
BD> 7 as the other.)
BD> If Moe uses a tcp packet with source 192.168.168.1.2 and a destination
BD> of 192.168.1.1. His packet will get to Larry and Larry will try and
BD> handshake with Curly who won't have any idea of what's going on and
BD> stop the transaction.
BD> It's easy for Moe to "spoof" either udp or tcp but the udp packet is
BD> more fun for Moe.
BD> Luck,
BD> Buz
BD> On 7/10/07, pal_adam () gmx net <pal_adam () gmx net> wrote:

Hi

I don't understand what you mean by spoofing, since whether you use UDP or TCP the underlying layer still remains IP so when you spoof a source you spoof an IP source. If you talk about a man-in-the-middle attack then taking a closer look at both protocols will show that UDP doesn't establish any connection before starting the communication. Using TCP you'll need to ACK incoming data using a pre-established sequence number which makes the attack on TCP harder but not impossible.

regards
Adam Pal

-------- Original Message --------
Date: 10 Jul 2007 02:11:12 -0000
From: paavan.shah () gmail com
To: security-basics () securityfocus com
Subject: Why TCP is more secure than UDP?

It is said that UDP is considered more vulnerable to spoofing than TCP? Can anyone point me to any document/link which describes TCP is more secure than UDP
<===========End of original message text===========
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
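
An added illustration, not part of the original message or thread: a pure in-memory Python model (no packets are sent) of the echo scenario from the quoted message, together with the router ingress check from the P.S. The function names, the 1000-reply cap and the 203.0.113.5 sample address are assumptions made for this example, and the TCP case assumes the claimed source is a live host.

```python
import ipaddress

# Constructed topology from the thread: Larry and Curly both run echo on port 7.
LAN = ipaddress.ip_network("192.168.1.0/24")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
ECHO_HOSTS = {"192.168.1.1", "192.168.1.2"}  # Larry, Curly


def ingress_permits(src, inside_net=LAN, drop_rfc1918=True):
    """Border-router check for a packet arriving on the outside interface."""
    addr = ipaddress.ip_address(src)
    if addr in inside_net:  # an inside source cannot legitimately arrive from outside
        return False
    if drop_rfc1918 and any(addr in net for net in RFC1918):
        return False
    return True


def udp_echo_exchanges(claimed_src, dst, cap=1000):
    """Count echo replies triggered by one datagram claimed_src -> dst.

    UDP echo has no handshake: it answers whatever source the datagram claims.
    """
    src, replies = claimed_src, 0
    while dst in ECHO_HOSTS and replies < cap:
        src, dst = dst, src  # the reply goes to the claimed source
        replies += 1
    return replies


def tcp_syn_outcome(claimed_src, dst):
    """A SYN with a forged source: dst sends SYN/ACK to claimed_src, which has
    no matching connection and answers with RST, so nothing is established."""
    if dst not in ECHO_HOSTS:
        return "no listener"
    return "RST from " + claimed_src


def deliver(proto, claimed_src, dst, filtered):
    """Outcome of one outside packet, with or without the ingress filter."""
    if filtered and not ingress_permits(claimed_src):
        return "dropped at router"
    if proto == "udp":
        return udp_echo_exchanges(claimed_src, dst)
    return tcp_syn_outcome(claimed_src, dst)
```

With the filter off, the UDP case runs until the cap while the TCP case ends in a reset; with the filter on, neither packet reaches Larry.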