In addition to filtering TCP services, extended lists can filter UDP services entering or exiting the network. These connectionless protocols must be filtered.

An example of a UDP vulnerability is an attack called a UDP bomb. If a hacker can spoof an address on the internal network, and is able to find one host with port 7 open and another with port 19 open, a UDP attack can be launched.