Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > udp flood protection

Reply
Thread Tools

udp flood protection

 
 
SJ
Guest
Posts: n/a
 
      07-18-2005
Hello All!

I'm about to build an UDP balancer application on Unix (a reverse proxy)
and I'd like to implement a flood protection. Any ideas how to do this
besides checking the IP address of the clients?

TIA,

SJ
 
Reply With Quote
 
 
 
 
Lawrence DčOliveiro
Guest
Posts: n/a
 
      07-19-2005
In article <(E-Mail Removed)>, SJ <(E-Mail Removed)>
wrote:

>I'm about to build an UDP balancer application on Unix (a reverse proxy)
>and I'd like to implement a flood protection. Any ideas how to do this
>besides checking the IP address of the clients?


It is in the nature of UDP that essentially all the processing is up to
the receiving application. So the definition of "flood" depends on how
much your application can cope with. Contrast TCP SYN flood attacks,
where the "flood" arises because it fills up a connection table managed
by the kernel.

Checking IP addresses of incoming UDP packets isn't going to be enough,
since any eavesdropper can determine which addresses you're
communicating with and spoof packets with those addresses.
 
Reply With Quote
 
 
 
 
SJ
Guest
Posts: n/a
 
      07-19-2005
Lawrence DčOliveiro wrote:

> It is in the nature of UDP that essentially all the processing is up to
> the receiving application. So the definition of "flood" depends on how
> much your application can cope with. Contrast TCP SYN flood attacks,
> where the "flood" arises because it fills up a connection table managed
> by the kernel.
>
> Checking IP addresses of incoming UDP packets isn't going to be enough,
> since any eavesdropper can determine which addresses you're
> communicating with and spoof packets with those addresses.


Hello Lawrence!

And what other steps do you recommend? Eg. traffic shaping on the router
or running iptables with "--limit" on the udp proxy host, ...

SJ
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
copy protection / IP protection g Java 69 04-25-2006 04:10 PM
udp (0) -> udp (0) traffic ? Tom Cisco 2 03-04-2004 06:06 PM
Cisco 3550 flood control notification pi1220 Cisco 0 02-12-2004 03:56 PM
Weird flood DOS protocol 11? PNC Cisco 2 12-20-2003 03:37 AM



Advertisments