TCP vs UDP
Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: TCP vs UDP

  1. #1
    Senior Member
    Join Date
    Jan 2004
    Posts
    199

    TCP vs UDP

    Should i be more worried about TCP listening ports than UDP listening ports ?
    -

  2. #2
    AO Antique pwaring's Avatar
    Join Date
    Aug 2001
    Posts
    1,409
    Well, if you're concerned about security you should be worried about any unknown listening ports using any protocol.
    Paul Waring - Web site design and development.

  3. #3
    Senior Member
    Join Date
    May 2003
    Posts
    407
    AFAIK, TCP ports are more for data transmission, where the data needs to get to the recipient. UDP is for when it really doesnt matter, for things like streaming audio and video. IMHO, i think you should be worried a bit more about TCP than UDP


    slick
    \"Look, Doc, I spent last Tuesday watching fibers on my carpet. And the whole time I was watching my carpet, I was worrying that I, I might vomit. And the whole time, I was thinking, \"I\'m a grown man. I should know what goes on my head.\" And the more I thought about it... the more I realized that I should just blow my brains out and end it all. But then I thought, well, if I thought more about blowing my brains out... I start worrying about what that was going to do to my goddamn carpet. Okay, so, ah-he, that was a GOOD day, Doc. And, and I just want you to give me some pills and let me get on with my life. \" -Roy Waller

  4. #4
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    slick is correct.

    TCP is a connection orientated protocol.

    UDP is a connectionless orientated protocol.

    TCP is used for for most programs that need to make sure the data gets there.

    UDP is used mostly for games, streaming adio and video. It is the faster of the two protocols cause it doesn't check to see if the data go to the recipient correctly.
    =

  5. #5
    Senior Member
    Join Date
    Jan 2004
    Posts
    199
    Thanks for the replies
    -

  6. #6
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Personally, I'd still be concerned about the UDP ports as that can be a protocol used for DoS attacks and the like. Something I'm sure you'd want to avoid being the source of.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  7. #7
    Senior Member
    Join Date
    Sep 2001
    Posts
    1,027
    Originally posted here by pwaring
    Well, if you're concerned about security you should be worried about any unknown listening ports using any protocol.
    I second pwaring on this:
    The mere fact that a socket is listening in udp or tcp doesn't say zip about it's vulnerability potential.

    Take for example SQL server, it uses (amongst other) port udp 1434. Does udp 1434 ring a bell? That's right: slammer. Slammer was able DoS a huge number of machines by sending only a single 376 bytes datagram to SQL Server/MSDE hosts. Windows also uses udp 137-138 for NetBIOS/SMB file sharing. SNMP also uses udp 162, which can potentially reveal sensitive information. Not to forget that some game servers that use udp have also had vulnerabilities exposed. Etc.

    So there's really no basis for tcp/udp discrimination as far as vulnerability goes.


    Ammo
    Credit travels up, blame travels down -- The Boss

  8. #8
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    I'd definately say be concerned with UDP listening ports. The ever famous Back Orifice listened on UDP port 31337. An open UDP port is just as dangerous as an open TCP port.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  9. #9
    Member
    Join Date
    Nov 2003
    Posts
    39
    anyone wants to talk about icmp?
    thing

  10. #10
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    ICMP deals in error checking and so on. The user interface for ICMP is the ping program. You can use ping to send ICMP packets and see if something responds with "Hello, I'm up and running"

    ping 192.168.0.1

    {192.168.0.1} Hello, I'm up and running.

    Of course you can set hardware and software to NOT respond to ping.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •