A UDP flood attack is a denial-of-service (DoS) attack using the User Datagram Protocol (UDP), a sessionless/connectionless computer networking protocol.
Using UDP for denial-of-service attacks is not as straightforward as with the Transmission Control Protocol (TCP). However, a UDP flood attack can be initiated by sending a large number of UDP packets to random ports on a remote host. As a result, the distant host will:
- Check for the application listening at that port;
- See that no application listens at that port;
- Reply with an ICMP Destination Unreachable packet.
Thus, for a large number of UDP packets, the victimized system will be forced into sending many ICMP packets, eventually leading it to be unreachable by other clients. The attacker may also spoof the IP address of the UDP packets, ensuring that the excessive ICMP return packets do not reach him, and anonymizing the attacker's network location(s).
The software UDP Unicorn can be used for performing UDP flooding attacks.
This attack can be managed by deploying firewalls at key points in a network to filter out unwanted network traffic. The potential victim never receives and never responds to the malicious UDP packets because the firewall stops them.
Famous quotes containing the words flood and/or attack:
“Myths, as compared with folk tales, are usually in a special category of seriousness: they are believed to have “really happened,” or to have some exceptional significance in explaining certain features of life, such as ritual. Again, whereas folk tales simply interchange motifs and develop variants, myths show an odd tendency to stick together and build up bigger structures. We have creation myths, fall and flood myths, metamorphose and dying-god myths.”
—Northrop Frye (1912–1991)
“Conventionality is not morality. Self-righteousness is not religion. To attack the first is not to assail the last. To pluck the mask from the face of the Pharisee is not to lift an impious hand to the Crown of Thorns.”
—Charlotte Brontë (1816–1855)