Security Basics mailing list archives
RE: Why TCP is more secure than UDP?
From: "Wilfred Smith" <wilfred () esprit-omnimedia com>
Date: Wed, 11 Jul 2007 19:16:45 -0400
It's not. If the UDP packet is encrypted, and the packets are not necessarily interchangeable, it can be more secure than TCP. UDP is highly underrated for its security attributes. It's much quicker for a server to determine that a UDP packet doesn't belong and discard it. An AES stream over TCP is a stronger challenge to a degree, but slightly less breakable packets + a quicker moving, unpredictable target means you need to act fast to break in. The usual caveats about exchanging keys through a separate, non-public mechanism apply.

If you're sniffing encrypted UDP packets, don't know the internal protocol and don't have the key, not only do you see indecipherable junk, but you also don't know which piece of indecipherable junk comes next, and if you can't send a synchronizing attack and capture response before the proper respondent can, there's no hope.

But then, I strongly believe that obscurity can be a major contributor (partial, but major) to more secure data exchanges over a public network.

W

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of David Gillett
Sent: Wednesday, July 11, 2007 9:05 AM
To: pal_adam () gmx net; security-basics () securityfocus com
Cc: paavan.shah () gmail com
Subject: RE: Why TCP is more secure than UDP?

In order to spoof a UDP packet, *all* you need to do is spoof the source IP address.

To successfully spoof a TCP packet, you need to also successfully spoof TCP header fields relating to the state of the connection, such as the sequence number. Rather difficult to do reliably unless you've also been sniffing the conversation.

It would be possible to build a UDP-based application protocol that tracked state and sequence number, and so was "as secure as TCP". In the process, you would probably lose all of UDP's performance advantage, and your implementation would likely still be a little weaker than what is already built into TCP.

David Gillett

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of pal_adam () gmx net
Sent: Tuesday, July 10, 2007 1:37 AM
To: security-basics () securityfocus com
Cc: paavan.shah () gmail com
Subject: Re: Why TCP is more secure than UDP?

Hi

I don't understand what you mean by spoofing, since whether you use UDP or TCP the underlying layer still remains IP, so when you spoof a source you spoof an IP source.

If you talk about a man-in-the-middle attack, then taking a closer look at both protocols will show that UDP doesn't establish any connection before starting the communication. Using TCP you'll need to ACK incoming data using a pre-established sequence number, which makes the attack on TCP harder but not impossible.

regards
Adam Pal

-------- Original Message --------
Date: 10 Jul 2007 02:11:12 -0000
From: paavan.shah () gmail com
To: security-basics () securityfocus com
Subject: Why TCP is more secure than UDP?

It is said that UDP is considered more vulnerable to spoofing than TCP?
Can anyone point me to any document/link which describes TCP is more secure than UDP
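
The two ideas raised in this thread, a UDP application protocol that tracks a sequence number and a server that can quickly discard a datagram that doesn't belong, sketched as an added example that is not part of the original messages. It assumes a pre-shared key, HMAC-SHA256 authentication rather than encryption, and a hypothetical frame layout and names (`seal`, `Receiver`); the sample datagrams are constructed.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32                   # HMAC-SHA256 output size
HEADER = struct.Struct("!Q")   # assumed layout: 64-bit big-endian sequence number


def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Build a datagram: sequence number || payload || HMAC over both."""
    body = HEADER.pack(seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Accepts only authentic datagrams whose sequence number increases."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def accept(self, datagram: bytes):
        """Return the payload, or None if the datagram must be discarded."""
        if len(datagram) < HEADER.size + TAG_LEN:
            return None  # too short to carry header and tag
        body, tag = datagram[:-TAG_LEN], datagram[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # spoofed source IP is not enough: sender lacks the key
        (seq,) = HEADER.unpack_from(body)
        # Strict ordering for brevity; a sliding window would tolerate reordering.
        if seq <= self.last_seq:
            return None  # replay of a sniffed datagram
        self.last_seq = seq
        return body[HEADER.size:]


def demo():
    key = b"constructed-demo-key-not-a-real-secret"
    rx = Receiver(key)
    first = seal(key, 1, b"hello")
    forged = seal(b"wrong-key", 2, b"evil")  # constructed forgery, wrong key
    return [
        rx.accept(first),                   # accepted
        rx.accept(first),                   # discarded: replay
        rx.accept(forged),                  # discarded: bad tag
        rx.accept(seal(key, 2, b"next")),   # accepted
    ]
```

The tag check runs before any state is touched, so a datagram from a sender without the key costs the receiver one HMAC computation and changes nothing.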