00:04
okay, having talked about a Layer three Smurf attack which exploits Ping, among other things, among other vulnerabilities.
00:13
And we talked about how the Smurf
00:15
used to record broadcast in a spoofed source address to take down her to attack an unsuspecting target. Well, there's a very comparable attack called a fraggle attack, and I seriously, I don't make up these names. But the Fraggle attack, instead of using ICMP,
00:34
uses a protocol called UDP, which is Layer four protocol
00:39
all right, and the reason it works exactly the same way as a Smurf except using UDP packets. The reason UDP is more likely to be successful is if you'll remember. One of the ways of mitigating the Smurf attack was to just block ICMP. He'd only got a CMP coming into your network from outside. You can't it?
00:59
It's certainly not helpful to block U T P at your firewall. Many upper layer protocols use UDP User Data Grand Protocol, and it's necessary for things like D N S T h E p. Many trivial file transfer protocol. They're all sorts of upper layer service. Is that need UDP?
01:19
So where's the Smurf? Has a very easy solution. Just block ICMP. Aah! Fraggle
01:23
will rely on other names because it's just very difficult to block U T p at your firewall and still have the necessary service is that you want coming through.
01:33
All right, so now that we are at layer for the transport layer, um, the two main protocols will look at here Gonna be TCP and UDP. Both s S L T L s are also later for protocols. But we talked about those in the cryptography chapter, so Ah, don't forget there later for protocols,
01:53
but we won't go into depth as to what they do Now, quick, aside here
01:56
it is more accurate to say SS lt a less work from layers four through seven of the O S. I model. And I think I've mentioned this, you know, numerous times that very rarely does everything go in a nice, neat look box. But the exam, I think it's expanding, and rather than just forcing you to say this is layer four,
02:15
I think that they're doing a good job now saying across which layers does SSL
02:23
from four through seven. So if they make you put it in a single layer for if they allow you to say S S L T L s focus of operates across multiple layers than its layers four through seven. Okay, don't talk about SS. Lt l s now. All right, this layer TCP and UDP these air kind of
02:45
protocols, if you will. This is what gives us into in data transport and gets that connection between two computers.
02:53
So upper layer Service's and an application layer protocols are gonna piggyback on either TCP or UDP, and which one they pick you back on in A lot of ways really depends on what they need. T C, P and U T P
03:08
um TCP uses what's called guaranteed deliver during that delivery. It's connection or unit. It's guaranteed it's reliable. You know all those words that sound very good.
03:23
All right, So let's say that, um,
03:25
I work for Bob as an administrative assistant and Bob gets a phone call. I've got two ways that I could get that phone. Call the bomb. I can say now and pick up the phone and Paige and take Bob. You have a call on line one.
03:38
I can hang up the phone. Good lunch.
03:40
I've done what I'm supposed to do. I don't know Bob got the message or not, but I put it out there, right? That's fast, but it's not reliable. It's not guaranteed. If it is, you know, like when it's 4 59 in the afternoon, I'm much more likely to go. Bob Call line one CIA
03:59
and out the door, right?
04:00
But to be more diligent on with Dial Bob's extension, I'll take Bob. You have a call on line one. Can you take it?
04:06
He comes back and says, Yes, I can and I push it through.
04:11
And then because I'm so diligent, I'm gonna call back and say, Did you get that call? OK, because I've got another one coming.
04:16
So that's a handshake process. It slows things down, but it gives me guaranteed delivery, and that's exactly what TCP does. It is slower, but it uses a three way handshake process to guarantee delivery, and that three way handshake is sin
04:32
that says, I'm gonna send you something. Let's synchronize. Go ahead and open up an area of space in your memory so that you can process what I'm going to send you
04:42
you come back and say Cenac and I'll say
04:47
If I wanted to prank Bob, I could call Bob and said, Hey, Bob, you got a call on line one. Keep that open.
04:55
I'll keep that open, Bob. You got a call on line to keep that open for me,
05:00
Bob, it's a busy morning. Keep lying. Three open, too. And so what Bob does is he keeps his lines open or the equivalent would be me sending you ascend and you open a little area in memory. And then I send you another sin in the open, more Aryan memory and more sin and more sins and more. Since until eventually all your available memories tied up
05:19
with me promising descended things that never come that's called a sin flood. And of course, that's a layer four
05:25
attack. All right, now, the alternative to that if I don't need that reliable, connection oriented delivery and speed is more important to me than we're gonna go with you, T p user data Graham protocol, um, testable things that would benefit
05:44
streaming any type of media streaming is gonna benefit from using UDP gaming usually uses UDP because think about it. If I'm running down the hallway and the zombies, they're chasing me. I'm not too concerned that every bullet I fire register, I want send a hail of bullets at the zombies. Right? Um,
06:03
You know, instant messaging. If instant messaging weren't live time, it would be called me. Right? So we need that to be very fast, as close to real time as possible. So those elements that speak is most critical. They're gonna use you. TT
06:20
So you d p is connection, Lis.
06:24
There is no handshake, so sometimes it's called the best effort protocol. Could I give it my best? Hope you get it and that's it.
06:33
there's no handshake. There's no flow control. There's It's just very fast. It's out there. Hope you get it
06:42
now. As I mentioned before, many Upper Layer Service's piggyback on Layer four service is everybody's familiar, I'm sure with FTP file transfer protocol. And if you're not, it's a protocol very commonly used for transfer files. Now
06:59
there's an alternative protocol called T F T P
07:02
Trivial file transfer protocol. All right, so we have FTP and T f T P
07:09
well, FTP has toe have guaranteed delivery and it's willing to sacrifice speed.
07:16
So FTP piggybacks on T c p
07:20
Trivial file transfer protocol has to be fast.
07:25
It piggybacks on UDP, and that's really the only difference between file transfer protocol and trivial thought transfer program.
07:32
Okay, so TCP reliable, guaranteed, connection oriented delivery, but slow. UDP is fast, but it does not guarantee delivery.
07:46
And the point of the video, the part of the video I wait for every class I teach.
07:51
What is the best thing about a UDP joke?
07:55
I don't care if you get it or not.
08:00
That's my favorite joke,