hello everybody,
i need ur help, i read in networking and some security on it, i have problem when i read that, it is:
i know that UDP is unrealiable , so i think that mean it has no 3-way hand shaking,
but when i read many papers, it said that UDP can be checked (by authantic method) in the first request packet, and if it not auth. the whole traffic is discard!!!!
please how is that??
doesn't the packets reach the destination out of order? so how can we recognize the first request packet from other packets?
and how to recognize the whole flow of that request?

thank u very much for any help
regards
swa

I think you are a bit confused. First of all you say you need network security, what exactly for? If you just need security for your personal pc then use your firewalls or run virtual pc when you are surfing the internet. UDP packets are hardly unreliable they are very efficient at what they do. The reason you may want to discard packets is because if there is some kind of delay you don't want to wait for the information. UDP will try to fill in the missing peices the best it can and move on, for instance if you have ever streamed live video over the network and notice a little blip that's because information was lost but the video continues to play reguardless. As far as the flow of request, it should not matter you don't need to check it. A request is made and packets start coming through if some errors are made like I said it will attempt to fix very quickly but it shouldn't get carried away cause the next packet is already arriving.

thank u very much for ur reply,
i am sorry i think my question is not clear enough, so i must clear it now,
i read methods that said that an attacker can spoof the ip address of any computer, and read about solutions of that problem, so the solution require to check the auth. of each packets (of every types), i understand what concern the TCP, but my problem is with the UDP, that is because TCP had 3-way handshake and it is possible for the router in the stub nw to give the client a key and ask the client to use it in the ACK packet so the 3-way is comleted or not according to that.
but in UDP there is no 3-way, so how to inforce the client using UDP to be auth. ,
it said that the authintication is done in the 1st request packet and if it is not auth. the whole traffic is discard.
so what is the 1st request packet in UDP? ,(while it is the SYN in TCP)
and how to know the whole traffic of that 1st request?

thank u in advance
best regards

Ok yes that makes much more sence. The fact of the matter is that you can't be sure the packet will ever reach it's destination with UDP. So your solution will have to be either to authenticate with tcp and then use UDP protocol. Or a better solution would be a diffrent method of authenication all together before a user ever reaches the network, then all of your information will be in a secure state before, during, and even after the trasmission. Think of even a very suttle approach, if you encrypt the data to be sent on the machine it's being sent from, then send it out even if someone intersepts it it will be worthless to them depending on the strength of encryption. Ok now we have that it place we have one layer of security. All of our data is wrapped up in a nice encryption. Now lets take it a step further and look at the network design. The line is coming in and what does it hit first? I really hope our firewalls are in place here. There is another layer. What comes next? All incoming requests are sent to the authentication server everything from the user to network handshake, and packet examination can be done here. Depending on the level of security needed the authentication server may or may not be a part of the main network. So what happens exactly at our authentication server? Well the user logs in and if the login is successful according to the standards we provide there the user is givin a speical key from the server. We can specify special rules as well such as time to live for the key etc...etc... Now that the user has a key they can be allowed access to the network. The authenication server can maintain and even update the rules at this stage of the game, at speeds even a seasoned hacker would want to rip his eyeballs out at the socket and give up. Most security can be implemented with proper design, and as a great mentor once told me it's the layers that make security what it is. If we have enough layers we can rest easy and yeah we may examine packets here and there for intergrity of the system, but unless you are working with launch codes for ballistic missiles I think this solution should be strong enough for anything you come across.

thank u very much for ur reply,
i read it carefully, sorry my mother languge is not english, so i think i am not exactly undestand what u want to reach, but it is helpful a lot,
so for what i think u want to know is:
1-the method of auth. is at the router of the leaf nw(nearest router to the client)
2-the key(that was generated by the router) is put in the ip option field
so what i am exactly need is to know how is the negotition is done when the packet from the client to the router(before the server) is a UDP?

thank u in advance for ur help
best regards

That is the point exactly. There will be no authentication done with the UDP packets. The authentication should be handled some where else before you start sending UDP packets if they are indeed that important to be secured. In fact if you try to authenicate the packets you will be setting yourself up for problems. If the packet that's authenticating doesn't reach the destination then the person it was intended for will be "shutdown". UDP packets will not authenicate, that should be the job of something else. If the client can't authenicate to the server simply do not send the information. If they can then there is no problem. I'll repeat it once more to get the point across UDP packets will not authenicate they are simply requested for and then sent in a stream, in real time for like video, voice, things of this nature.

If you are very intent on doing this there may possibly be some extreme algorithms that you could set up in the stream of UDP packets where as they might attempt to authenicate, or realize the order they are being sent in. But to be honest that defeats the purpose of what they are being used for. If you need it secured that badly send it in tcp packets instead, example client first downloads the information in a secure connection and then they can use it when it's done downloading. If you need real-time though UDP is your freind and it can be done securely as mentioned.

thank u very much for ur reply, and to be patient with me that is kind of u,
for that what i am asking for

they are simply requested for and then sent in a stream,

how it is request?
i want to know what is the first request packet, and how it is done
thank u and sorry for any annoying
best regards

That would probably depend on what you are sending. What services does the server have that you will be sending out in UDP? Are you building your own sockets as an experiment? Are you providing voice over ip? Are you streaming video? I would have to know what you are trying to accomplish first. You say you want to know what the request is but you should already know. What is your client requesting then you can examine it at the the protocol levels.

ok, i need it for experment now,
and if it not annoying u i need to know as u can explain,what about the others
and i am very thanks

Ok if you are just interested in how it works I can attempt to explain. The thing to realize here is that most of this is usually done automatically for us. Take for example youtube.com A client clicks the link to stream a video, when they click the link the request is sent to the server. The server recieves this and begins to send out the information requested. You seem to want to know what information is in the request packet. This explains the layout of a UDP request packet udp packet structure. So you see here there is no authentication feild in the packet. You could in theory construct your own but it's somewhat pointless. If you are interested in working with sockets and packets at the programming level that would also give you a better grasp on how they work and why. Python has great and easy networking capabilities that could help you set up a simple server and client architecture so you could run some experiments. If your main concern is what goes in the request packet the link provided in this post shows exactly what is inside a UDP request packet. If this gives you any thoughts or questions I'm glad to try and elaborate more.

thank u very much what u said is very helpful
ok, now when we press a click the request initiated, and that req. packet is first go to the router, (in the protocol i need to understand) the router give that client a key and ask him to put it in the option field of the ip header and that key have an limited valid time, so he must after that put that key in each req. pkt in futer untill it become not valid, then he req. a new one
so now for that ex.
i will tell u what i am thought now i don't know if it is true
after that the pkt return to the client that contain the key (he must use it in the next time), the first time is forwarded, but for next click on another link the key must be in the packet to be forwarded,
or the router send the key when he initiat it, and the client save it some where(i think may be cookie or what u can think to save it?please) and use it in the 1st req. (on each click)
is that right, would i now understand it well?

thanks for all ur help
best regards

Yes what you say is true. The rules for the key can of course be ajusted at the router, while the packet is still in packet "form". The server should maintain information about the key. Now that you have a clear picture let's look at some examples.

Client sends request to server
Server accepts the request and sends key
The rules of this key are to send data to the client unless the connection is timed out lets say 10 minutes of inactivity. At that point if the server has not had another request from the client authentication must take place again.
So server sends key and trasmits the data
Lets pretend it was a 9.50 min long video
The data is sent and the connection is still valid for 10 seconds incase of problems
After the 10 minutes the server dumps the key and the client must send a new request.

Now if we want to tighten up security on it we could possibly do something like.
Client sends request
Server recieves and sends key
Rules of this key will be that every 2 minutes the key must be renewed.
Here is our problem....
The client only requests the information once.
They push the button get authenticated and expect all the data to come at them.
One way possibly around this issue would be to install special software on the client which defines new rules. For example we let the client know that before the 2 minutes are up it must fire off a new request for the key or the connection will be terminated.

You are correct to though about cookies as a possibility, I have always been a litte leary of them from a security standpoint. But that is what cookies do, although if you didn't put a time to live on your cookie that is where I could see a possble security issue. At which stage we are right back where we started in senario 1.

thank u very much for all ur help
best regards

Hi,

UDP is defined as "User DataGram Protocol" and it clearly mentions it is not reliable and UDP is Connectionless whereas tcp is a connection oriented connectionless means there is no 3 Way Hand Shake.

Hi,

UDP is User Datagram Protocol,it is fast,and not reliable that is true but when it comes to udp can be authenticated so for this i need to explain you with an example as below :

whenever you open a file or folder on your system it will directly open without any authentication and a 3 way handshaking is done which is not reliable as it is not authenticated and if the same file or folder on a UDP system is authenticated then it requires authentication to open the same file and folder.You can check by yourself on your system rightclick on file or folder and authenticate the same file it will ask for authentication and a 3 way handshaking is done inside the same system.It is complicated but easy to understand if your basics on Networking

hello
im sending UDP packet with speed(100Mbps) so when i tested on my pc 127.0.0.1
not received all packets ,,,,i said may be for buffer size ...i define buffer size as size of packet from 64 to 1500 byte ,,,,,why the all packets can not received??
please help me

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.