Follow

Q&A: What is a UDP Flood?

Question

  • What is a UDP Flood?
  • Is Silverline able to protect against UDP floods?

Environment

  • Silverline DDoS
  • Routed or Proxy DDoS protection

Answer

  • UDP is a standard protocol for communication across IP networks, but since UDP packets are stateless, they require less error checking and validation, in contrast to TCP
  • A UDP flood is an attack that sends large amounts of User Datagram Protocol packets to the target. 
  • The goal of the attack is to send bogus UDP requests to random ports on a remote host in order to overwhelm the server so it stops responding to other legitimate requests.
  • UDP Flood attacks can be amplified and non-amplified.
  • Silverline can protect against UDP attacks, additionally, Silverline recommends the customers in the routed service, configuring the recommended firewall rules to increase protection.

Traffic Sample

16:56:04.997249 IP X.X.X.X.56624 > X.X.X.X7.443: UDP, length 1024
16:56:04.997251 IP X.X.X.X.38231 > X.X.X.X7.443: UDP, length 1024
16:56:04.997251 IP X.X.X.X.35314 > X.X.X.X7.443: UDP, length 1024
16:56:04.997252 IP X.X.X.X.38231 > X.X.X.X7.443: UDP, length 1024
16:56:04.997254 IP X.X.X.X.38231 > X.X.X.X7.443: UDP, length 1024
16:56:04.997255 IP X.X.X.X.38231 > X.X.X.X7.443: UDP, length 1024
16:56:04.997257 IP X.X.X.X.38231 > X.X.X.X7.443: UDP, length 1024
16:56:04.997260 IP X.X.X.X.38653 > X.X.X.X7.443: UDP, length 1024
16:56:04.997272 IP X.X.X.X.49501 > X.X.X.X7.443: UDP, length 1024
16:56:04.997272 IP X.X.X.X.44410 > X.X.X.X7.443: UDP, length 1024
16:56:04.997272 IP X.X.X.X.51685 > X.X.X.X7.443: UDP, length 1024
16:56:04.997275 IP X.X.X.X.50990 > X.X.X.X7.443: UDP, length 1024
16:56:04.997276 IP X.X.X.X.55793 > X.X.X.X7.443: UDP, length 1024
16:56:04.997277 IP X.X.X.X.50990 > X.X.X.X7.443: UDP, length 1024

 

Related Content

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request