Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1328
Views
4
Helpful
1
Replies

UDP Bomb

Jhun Banzuela
Level 1
Level 1

‎03-16-2014 07:58 PM - edited ‎03-10-2019 06:09 AM

Hi Expert,

We are always detecting too many UDP bomb event.

It is low severity though. Normally the victim IP is a mobile device.

Is there a way to know what is causing and how to prevent .

 

Regards,

Jhun

Labels:
0 Helpful
1 Reply 1

Ravi Singh
Level 7
Level 7

‎04-17-2014 04:23 PM

UDP flood attack can be initiated by sending a large number of UDP packets to random ports on a remote host. As a result, the distant host will:

  • Check for the application listening at that port;
  • See that no application listens at that port;
  • Reply with an ICMP Destination Unreachable packet.

Thus, for a large number of UDP packets, the victimized system will be forced into sending many ICMP packets, eventually leading it to be unreachable by other clients.

To block it you can see the following link

http://kb.cyberoam.com/default.asp?id=1232

Related community topics
Review Cisco Networking for a $25 gift card
Top