Question

Describe how DDoS attacks may be mounted against TCP and UDP services. In what way will being connection oriented be different for TCP and UDP?

Answer 1

Answer)

The DDoS attack are mostly being performed by the cyber attackers which is a common one now by mostly controlling the botnet. The attacker here would target the IP address which would target and command the bots which are to be sent to the data packets to the IP.

For the TCP:

It is the TCP SYN flood which is a kind of DDoS attack that happens in the TCP that leads to exploiting the normal TCP three-way handshaking for consuming the resources on the target server and then rendering the unresponsive.

Mostly here the hacker sends the TCP connection request much faster than that of the targetted machine which can process those and causing the network to saturate.

The connection orientation in the TCP would be as follows:

1) First, the client would request the connection by sending the SYN messages to that of the server

2) The server then acknowledges by sending the SYN-ACK message to that of the client

3) When the client responds to the message with an ACK message then the connection gets established.

For UDP:

It is the UDP flood which is the kind of denial of service attack which happens in huge number with the UDP packet which is triggered to the targeted server and the device would have the ability to process and respond. Here the firewall would protect the targetted server but would get exhausted because of the UDP flooding.

The connection orientation in UDP is as follows:

1) The server would check the program if they are running fine or not and who is listening to the request at the specified port

2) When no such programs would be receiving the packets at the specified port then the server would respond with the ICMP packet for informing the sender that the destination was not reachable.

Hope this answer helps.
If you find this answer useful, do hit like.
Thanks