UDP clamped on service provider links

Christopher Morrow morrowc.lists at gmail.com
Mon Jul 27 14:19:22 UTC 2015


On Mon, Jul 27, 2015 at 10:12 AM, Glen Kent <glen.kent at gmail.com> wrote:
> Hi,
>
> Is it true that UDP is often subjected to stiffer rate limits than TCP? Is

I hear tell that some folk are engaging in this practice... You might
have seen this hear little ditty:
  <http://tools.ietf.org/html/draft-byrne-opsec-udp-advisory-00>

you may have also put your ear to the tracks and seen a bunch of kids
using these 'you-dee-pee en-tee-pee' packets to fill up the tubes
across the lands... Sometimes they use not just 'en-tee-pee', but also
that old hoary bastard 'dee-en-ess' for their no good traffic backup
propositions.

> there a reason why this is often done so? Is this because UDP is stateless
> and any script kiddie could launch a DOS attack with a UDP stream?

I understand, and I'm new hear so bear with me, that there are
you-dee-pee services out there in the hinterlands which will say a
whole lot more to you than you said to them... like your worst
nightmare when it comes to smalltalk.

> Given the state of affairs these days how difficult is it going to be for
> somebody to launch a DOS attack with some other protocol?
>

not very hard at all... but here's your lipstick and there's the pig... :)



More information about the NANOG mailing list