[182605] in North American Network Operators' Group


Re: UDP clamped on service provider links

daemon@ATHENA.MIT.EDU (Christopher Morrow)
Mon Jul 27 10:19:24 2015

X-Original-To: nanog@nanog.org
In-Reply-To: <CAPLq3UMhAchtLr+XbX5S7pyRTENk-ER=w26GptGJS2RfQ-8KEQ@mail.gmail.com>
Date: Mon, 27 Jul 2015 10:19:22 -0400
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Glen Kent <glen.kent@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org

On Mon, Jul 27, 2015 at 10:12 AM, Glen Kent <glen.kent@gmail.com> wrote:
> Hi,
>
> Is it true that UDP is often subjected to stiffer rate limits than TCP? Is

I hear tell that some folk are engaging in this practice... You might
have seen this here little ditty:
  <http://tools.ietf.org/html/draft-byrne-opsec-udp-advisory-00>

you may have also put your ear to the tracks and seen a bunch of kids
using these 'you-dee-pee en-tee-pee' packets to fill up the tubes
across the lands... Sometimes they use not just 'en-tee-pee', but also
that old hoary bastard 'dee-en-ess' for their no good traffic backup
propositions.

> there a reason why this is often done so? Is this because UDP is stateless
> and any script kiddie could launch a DOS attack with a UDP stream?

I understand, and I'm new here so bear with me, that there are
you-dee-pee services out there in the hinterlands which will say a
whole lot more to you than you said to them... like your worst
nightmare when it comes to smalltalk.

> Given the state of affairs these days how difficult is it going to be for
> somebody to launch a DOS attack with some other protocol?
>

not very hard at all... but here's your lipstick and there's the pig... :)
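
An added example, not part of the original message: a way for an operator to find UDP services on their own network that answer with far more bytes than they receive, which is the behaviour the reply above describes for NTP and DNS. The flow-record layout, the sample records (documentation-range addresses, constructed) and the threshold of 10 are assumptions.

```python
from collections import defaultdict

# Constructed sample flow records (not real traffic):
# (src_ip, src_port, dst_ip, dst_port, proto, bytes)
FLOWS = [
    ("198.51.100.7", 40000, "192.0.2.10", 123, "udp", 234),    # small NTP queries in
    ("192.0.2.10", 123, "198.51.100.7", 40000, "udp", 48200),  # very large replies out
    ("198.51.100.9", 40001, "192.0.2.20", 53, "udp", 640),
    ("192.0.2.20", 53, "198.51.100.9", 40001, "udp", 1100),
    ("198.51.100.9", 40002, "192.0.2.30", 53, "udp", 300),
    ("192.0.2.30", 53, "198.51.100.9", 40002, "udp", 16500),
    ("198.51.100.7", 40003, "192.0.2.40", 443, "tcp", 900),    # TCP is ignored
    ("192.0.2.40", 443, "198.51.100.7", 40003, "tcp", 90000),
]

WATCHED_PORTS = {53: "dns", 123: "ntp"}  # the two services named in the thread


def amplification_by_server(flows, ports=WATCHED_PORTS):
    """Return {(server_ip, port): (bytes_in, bytes_out, ratio)} for UDP services."""
    bytes_in = defaultdict(int)   # bytes sent to the service
    bytes_out = defaultdict(int)  # bytes the service sent back
    for src, sport, dst, dport, proto, size in flows:
        if proto != "udp":
            continue
        if dport in ports:
            bytes_in[(dst, dport)] += size
        elif sport in ports:
            bytes_out[(src, sport)] += size
    result = {}
    for key in set(bytes_in) | set(bytes_out):
        req, resp = bytes_in[key], bytes_out[key]
        # Replies with no recorded request give an infinite ratio, which
        # usually means the flow export only saw one direction.
        ratio = resp / req if req else float("inf")
        result[key] = (req, resp, ratio)
    return result


def flag_amplifiers(flows, threshold=10.0):
    """List servers whose reply/request byte ratio is at or above threshold."""
    stats = amplification_by_server(flows)
    return sorted(k for k, (_, _, r) in stats.items() if r >= threshold)
```

Servers that show up in the flagged list are candidates for tightening (restricting who may query them, or disabling the verbose responses) rather than for blanket UDP rate limits.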
