Security Basics: Re: Why TCP is more secure than UDP?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Basics mailing list archives

Re: Why TCP is more secure than UDP?

From: Alex Cernat <alexutzu () cernat ro>
Date: Tue, 10 Jul 2007 12:08:33 +0300

paavan.shah () gmail com wrote:

It is said that UDP is considered more vulnerable to spoofing than TCP?

Can anyone point me to any document/link which describes TCP is more secure than UDP

The main difference between TCP and UDP is that UDP is a'connectionless' protocol. As you probably know, when you want tocommunicate on TCP, you open an connection, a stream of data. The TCPlayer knows how to deliver the data in the right order (even if at IPlayer the packets get scrambled and came by multiple routes and inmultiple order). Of course, if a packet is lost and no retransmition issuccessful, the connection is considered broken and the stream isclosed. TCP has some way of protections, like tcp window, randomgeneration of tcp connection codes (in syn and syn/ack packets) and soon (this is general culture, i'm not an guru in tcp/ip).UDP is a connectionless protocol. That meens that is no 'stream' of datadefined, and you send packet by packet (in fact group of bytes by groupof bytes), and there is no guarantee that the destination will everreceive that data (and in case of error, there is no error message atthe protocol level). Sure, anyone can ask: what the hell was thisprotocol being invented. Well, there aren't many programs/protocolswhich use UDP (better said - 'normal' programs), but UDP is beeing usedin application protocols like NFS, VoIP, and many others. Why ? Becausesometimes it doesn't matter if some packets are lost in the way (likeVoIP, it is no use in retrasmition, because it will be too late). Orlike in NFS (better said in old NFS, in v4 I believe it is working withTCP), they've implemented an ack algorithm at application level. So,they say it's faster that a similar implementation on TCP. No comment.So, as a conclusion, a TCP may be a little secure that UDP. But mostimportant thing, if you want a secure connection, is not to relay onthose simple protocols, and use some SSL/TLS or other encryption system.If someone can brake a tcp/udp connection, and flooding with somegarbage packets (remember Mitnick?), it's almost impossible (unless youare from NSA or something, in case we can say "it's very hard") to breakan encryption layer without anyone can see.


Alex

By Date By Thread

Current thread:

RE: Why TCP is more secure than UDP?, (continued)
- Re: Why TCP is more secure than UDP? Jacco (Jul 10)
- RE: Why TCP is more secure than UDP? Goran Pizent (Jul 11)
- Re: Why TCP is more secure than UDP? Alex Cernat (Jul 11)
- RE: Why TCP is more secure than UDP? Yahsodhan Deshpande (Jul 11)
- Re: Why TCP is more secure than UDP? Leszek Jakubowski (Jul 11)
- Re: Why TCP is more secure than UDP? krymson (Jul 10)
- Re: Why TCP is more secure than UDP? levinson_k (Jul 11)
  - RE: Why TCP is more secure than UDP? Dave Koontz (Jul 12)