A transport layer communication protocol, UDP is a very common protocol for voice and video traffic.
UDP is a communication protocol used across the Internet for especially time-sensitive transmissions such as video playback or DNS lookups. It speeds up communications by not requiring what’s known as a “handshake”, allowing data to be transferred before the receiving party agrees to the communication. This allows the protocol to operate very quickly, and also creates an opening for exploitation.
A TCP connection, which is commonly used for loading web page content, requires a handshake in which the receiver agrees to the communication before the data is sent. UDP will send data without confirmation, even if the request is fraudulent.
UDP doesn’t have the error checking and ordering functionality of TCP and is best utilized when error checking is not needed and speed is important. This built-in lack of reliability is why UDP is sometimes referred to as ‘Unreliable Datagram Protocol’.
Introduced in 1980, UDP is among the oldest network protocols still in use. Applications that utilize UDP must be able to tolerate errors, loss, and duplication. While this sounds less than ideal, there are several applications where a faster and less reliable protocol is the best choice.
UDP is commonly used in time-sensitive communications where occasionally dropping packets is better than waiting. Voice and video traffic are sent using this protocol because they are both time-sensitive and designed to handle some level of loss. For example, VoIP (voice over IP), which is used by many internet-based telephone services, operates over UDP. This is because a staticky phone conversation is preferable to one that is crystal clear but heavily delayed. This also makes UDP the ideal protocol for online gaming. Similarly, because DNS and NTP servers both need to be fast and efficient, they operate through UDP. Volumetric DDoS attacks including DNS amplification and NTP amplification make use of vulnerable instances of these servers with the aim of flooding a target with UDP traffic.
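Because UDP has no handshake, a host hit by DNS or NTP amplification receives replies to requests it never sent, and that mismatch is something a defender can look for. The following is an added example, not part of the original article: it matches inbound DNS/NTP replies against earlier outbound requests in a set of constructed flow records. The record layout, the IP addresses (documentation ranges) and the `min_bytes` threshold are assumptions made for illustration.

```python
from collections import defaultdict

# UDP services named in the article: DNS (port 53) and NTP (port 123).
REFLECTOR_PORTS = {53: "DNS", 123: "NTP"}

# Constructed flow records, not real traffic (assumed layout):
# (direction, src_ip, src_port, dst_ip, dst_port, bytes)
# 192.0.2.10 is the monitored host.
SAMPLE_FLOWS = [
    ("out", "192.0.2.10", 40001, "198.51.100.5", 53, 64),
    ("in", "198.51.100.5", 53, "192.0.2.10", 40001, 180),   # solicited reply
    ("in", "203.0.113.7", 53, "192.0.2.10", 51515, 3000),   # never requested
    ("in", "203.0.113.8", 53, "192.0.2.10", 51516, 2900),   # never requested
    ("in", "203.0.113.9", 123, "192.0.2.10", 51517, 4400),  # never requested
    ("out", "192.0.2.10", 40002, "198.51.100.6", 123, 76),
    ("in", "198.51.100.6", 123, "192.0.2.10", 40002, 76),   # solicited reply
]

def unsolicited_responses(flows):
    """Return inbound DNS/NTP flows that match no earlier outbound request."""
    pending = set()  # (local_ip, local_port, remote_ip, remote_port)
    unsolicited = []
    for direction, src, sport, dst, dport, size in flows:
        if direction == "out" and dport in REFLECTOR_PORTS:
            pending.add((src, sport, dst, dport))
        elif direction == "in" and sport in REFLECTOR_PORTS:
            key = (dst, dport, src, sport)
            if key in pending:
                pending.discard(key)  # assumption: one reply per request
            else:
                unsolicited.append((src, sport, dst, size))
    return unsolicited

def summarize(flows, min_bytes=1000):
    """Per (destination, service): count and total bytes of unsolicited replies."""
    totals = defaultdict(lambda: [0, 0])
    for src, sport, dst, size in unsolicited_responses(flows):
        entry = totals[(dst, REFLECTOR_PORTS[sport])]
        entry[0] += 1
        entry[1] += size
    # Report only pairs whose unsolicited volume reaches the threshold.
    return {k: tuple(v) for k, v in totals.items() if v[1] >= min_bytes}

if __name__ == "__main__":
    for (host, service), (count, total) in summarize(SAMPLE_FLOWS).items():
        print(f"{host}: {count} unsolicited {service} replies, {total} bytes")
```
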