[Bloat] Educate colleges on tcp vs udp

Erik Auerswald auerswal at unix-ag.uni-kl.de
Sun May 23 17:42:22 EDT 2021


Hi,

On 23.05.21 23:02, Jonathan Morton wrote:
>> On 23 May, 2021, at 9:47 pm, Erik Auerswald <auerswal at unix-ag.uni-kl.de> wrote:
>>
>> As an additional point to consider when pondering whether to
>> use TCP or UDP:
>>
>> To mitigate that simple request-response protocols using UDP
>> lend themselves to being abused for reflection and amplification…
> 
> I suspect such considerations are well beyond the level of education requested here.  I think what was being asked for was "how do these protocols work, and why do they work that way, in language suitable for people working in a different field", rather than "which one should I use for X application".

Yes, I do think so as well.

Nevertheless, I want to raise awareness of the risks
inherent in building protocols based on UDP.

As an optimist, I do believe that it may be possible
that in future fewer new protocols are created that
are useful for amplification attacks, by often raising
awareness of the risks and how to mitigate them.

I would have preferred if the current DDoS attacks using
STUN could have been avoided, by allowing standard
compliant STUN implementations to have an amplification
factor < 1, or at least ≤ 1, and by building response
rate limits into the standard.

(See, e.g., 
https://mail.jabber.org/pipermail/operators/2021-April/003130.html)

Thanks,
Erik
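
Added example, not part of the original message and not taken from any STUN implementation: a sketch of the two mitigations named above for a UDP request-response service, an amplification factor ≤ 1 and a per-source response rate limit. The class name, method names and default values are hypothetical, and the addresses and datagram sizes in the demo are constructed.

```python
import time


class ReflectionGuard:
    """Decide whether a UDP responder may answer an unverified source address."""

    def __init__(self, rate=5.0, burst=10, max_factor=1.0):
        self.rate = rate              # responses refilled per second, per source
        self.burst = burst            # token bucket capacity, per source
        self.max_factor = max_factor  # ceiling for response bytes / request bytes
        # source -> (tokens, last_seen). Unbounded here for brevity; a real
        # service would expire idle entries and might key on a prefix.
        self._buckets = {}

    def _take_token(self, source, now):
        tokens, last = self._buckets.get(source, (float(self.burst), now))
        tokens = min(float(self.burst), tokens + (now - last) * self.rate)
        allowed = tokens >= 1.0
        self._buckets[source] = (tokens - 1.0 if allowed else tokens, now)
        return allowed

    def filter(self, source, request, response, now=None):
        """Return the datagram to send back, or None to stay silent."""
        now = time.monotonic() if now is None else now
        # Amplification check: never send more bytes than were received.
        # A protocol built this way makes clients pad requests that expect
        # long answers, so a spoofed request gains the sender nothing.
        if len(response) > int(len(request) * self.max_factor):
            return None
        # Rate limit keyed on the claimed source, which is the address a
        # reflected response would actually hit.
        if not self._take_token(source, now):
            return None
        return response


def demo():
    """Constructed traffic: 50 small requests from one source within a second."""
    guard = ReflectionGuard(rate=5.0, burst=10)
    request, small, large = b"q" * 20, b"r" * 20, b"R" * 120
    sent_small = sum(
        guard.filter("192.0.2.7", request, small, now=i * 0.02) is not None
        for i in range(50))
    sent_large = guard.filter("198.51.100.9", request, large, now=0.0)
    return sent_small, sent_large


if __name__ == "__main__":
    print(demo())
```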

