One of the problems with UDP, and why NTP amplification attacks are so attractive, is that it is trivial to spoof the source address - you can't really know, without some higher-level protocol, where the initial packet came from. - M