-
January 25th, 2004, 12:16 AM
#1
TCP vs UDP
Should I be more worried about TCP listening ports than UDP listening ports?
-
January 25th, 2004, 12:23 AM
#2
Well, if you're concerned about security you should be worried about any unknown listening ports using any protocol.
-
January 25th, 2004, 12:24 AM
#3
AFAIK, TCP ports are more for data transmission, where the data needs to get to the recipient. UDP is for when it really doesn't matter, for things like streaming audio and video. IMHO, I think you should be worried a bit more about TCP than UDP.
slick
"Look, Doc, I spent last Tuesday watching fibers on my carpet. And the whole time I was watching my carpet, I was worrying that I, I might vomit. And the whole time, I was thinking, "I'm a grown man. I should know what goes on my head." And the more I thought about it... the more I realized that I should just blow my brains out and end it all. But then I thought, well, if I thought more about blowing my brains out... I start worrying about what that was going to do to my goddamn carpet. Okay, so, ah-he, that was a GOOD day, Doc. And, and I just want you to give me some pills and let me get on with my life." -Roy Waller
-
January 25th, 2004, 01:14 AM
#4
slick is correct.
TCP is a connection orientated protocol.
UDP is a connectionless orientated protocol.
TCP is used for most programs that need to make sure the data gets there.
UDP is used mostly for games, streaming audio and video. It is the faster of the two protocols cause it doesn't check to see if the data got to the recipient correctly.
-
January 25th, 2004, 01:27 AM
#5
-
January 25th, 2004, 01:29 AM
#6
Personally, I'd still be concerned about the UDP ports as that can be a protocol used for DoS attacks and the like. Something I'm sure you'd want to avoid being the source of.
-
January 25th, 2004, 01:34 AM
#7
Originally posted here by pwaring
Well, if you're concerned about security you should be worried about any unknown listening ports using any protocol.
I second pwaring on this:
The mere fact that a socket is listening in udp or tcp doesn't say zip about its vulnerability potential.
Take for example SQL server, it uses (amongst others) port udp 1434. Does udp 1434 ring a bell? That's right: slammer. Slammer was able to DoS a huge number of machines by sending only a single 376-byte datagram to SQL Server/MSDE hosts. Windows also uses udp 137-138 for NetBIOS/SMB file sharing. SNMP also uses udp 162, which can potentially reveal sensitive information. Not to forget that some game servers that use udp have also had vulnerabilities exposed. Etc.
So there's really no basis for tcp/udp discrimination as far as vulnerability goes.
Ammo
Credit travels up, blame travels down -- The Boss
-
January 25th, 2004, 01:37 AM
#8
I'd definitely say be concerned with UDP listening ports. The ever famous Back Orifice listened on UDP port 31337. An open UDP port is just as dangerous as an open TCP port.
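Added example, not part of any post in this thread: a Python check that audits TCP and UDP listeners the same way, as posts #2, #7 and #8 argue. The `netstat -an`-style sample and the `EXPECTED` allowlist are constructed for illustration; the port numbers are the ones mentioned in the posts above.

```python
# Constructed sample in the layout of Windows `netstat -an` output.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.0.10:1045      192.168.0.1:80         ESTABLISHED
  TCP    [::]:135               [::]:0                 LISTENING
  UDP    0.0.0.0:1434           *:*
  UDP    192.168.0.10:137       *:*
  UDP    0.0.0.0:31337          *:*
"""

# Hypothetical allowlist of (protocol, port) pairs expected on this host.
EXPECTED = {("tcp", 135), ("tcp", 445), ("udp", 137)}


def listening_sockets(netstat_text):
    """Return a sorted list of unique (proto, port, address) listeners."""
    found = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, column header or blank line
        proto = fields[0].lower()
        # rpartition keeps bracketed IPv6 addresses such as [::] intact.
        address, _, port = fields[1].rpartition(":")
        if not port.isdigit():
            continue
        if proto == "tcp":
            # TCP listeners carry an explicit LISTENING state.
            if len(fields) < 4 or fields[3] != "LISTENING":
                continue
        elif fields[2] != "*:*":
            # UDP has no state column; a bound, unconnected socket shows
            # *:* as its foreign address, so a LISTENING filter misses it.
            continue
        found.add((proto, int(port), address))
    return sorted(found)


def unexpected_listeners(netstat_text, expected):
    """Listeners whose (proto, port) is not allowlisted, TCP and UDP alike."""
    return [s for s in listening_sockets(netstat_text)
            if (s[0], s[1]) not in expected]


if __name__ == "__main__":
    for proto, port, address in unexpected_listeners(SAMPLE_NETSTAT, EXPECTED):
        print(f"unexpected listener: {proto}/{port} on {address}")
```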
-
January 25th, 2004, 10:16 PM
#9
Anyone want to talk about ICMP?
-
January 25th, 2004, 10:23 PM
#10
ICMP deals in error checking and so on. The user interface for ICMP is the ping program. You can use ping to send ICMP packets and see if something responds with "Hello, I'm up and running"
ping 192.168.0.1
{192.168.0.1} Hello, I'm up and running.
Of course you can set hardware and software to NOT respond to ping.