Ping flood

Ping flood

A ping flood is a simple denial-of-service attack where the attacker overwhelms the victim with ICMP Echo Request (ping) packets. It only succeeds if the attacker has more bandwidth than the victim (for instance an attacker with a DSL line and the victim on a dial-up modem). The attacker hopes that the victim will respond with ICMP Echo Reply packets, thus consuming outgoing bandwidth as well as incoming server bandwidth.

Defense

To reduce the effects of a ping flood, a victim can use a firewall to filter the incoming ICMP Echo Request packets entirely, or if a large number of requests are received at one time. Refusing to send ICMP Echo Reply packets produces two benefits:
#Less bandwidth is wasted by not answering these packets.
#It is more difficult for the attacker to measure the effectiveness of the attack.

However, such a filter will also prevent the measuring of latency from legitimate users which may be undesirable. A compromise solution may be to only filter large ICMP Echo Request packets, or to limit the rate at which your firewall will pass ICMP Echo Request packets.

Note that one cannot trust the source IP address to be the address of which the packets are originating from since it can be spoofed to make it appear as if it is coming from another address. Packets can also be spoofed to contain a randomly generated address.

Other Information

An example ping flood batch file:

ping -f www. [example] .com

See also

*Denial-of-service attack
*Ping
*Ping of death
*Smurf attack


Wikimedia Foundation. 2010.

Игры ⚽ Нужна курсовая?

Look at other dictionaries:

  • Ping flood — Saltar a navegación, búsqueda Un ping flood, consiste en saturar una línea lenta con un número de paquetes ICMP suficientemente grande. Esta saturación causará una degradación del servicio importante. El ataque en cuestión utiliza las… …   Wikipedia Español

  • Ping flood — Un ping flood (ou ICMP flood) est une forme simple d’attaque par déni de service, où l attaquant inonde le serveur cible de requêtes ping. Ce type d’attaque ne réussit que si l attaquant a plus de bande passante que sa victime (par exemple, un… …   Wikipédia en Français

  • Ping of Death — Ping de la mort Le ping de la mort (en anglais ping of death ou PoD) est une attaque historique de type déni de service réalisé par l envoi de paquet ping malformé. Un ping a normalement une taille de 56 octets (soit 84 octets avec l… …   Wikipédia en Français

  • Ping of death — Ping de la mort Le ping de la mort (en anglais ping of death ou PoD) est une attaque historique de type déni de service réalisé par l envoi de paquet ping malformé. Un ping a normalement une taille de 56 octets (soit 84 octets avec l… …   Wikipédia en Français

  • ping-флуд — (от англ. ping flood, дословно: наводнение (пакетами) ping) тип атаки на сетевое оборудование, ставящий своей целью отказ в обслуживании. Ключевой особенностью (по сравнению с остальными видами флуд атак) является возможность осуществления… …   Википедия

  • Ping-флуд — (от англ. ping flood, дословно: наводнение (пакетами) ping) тип атаки на сетевое оборудование, ставящий своей целью отказ в обслуживании. Ключевой особенностью (по сравнению с остальными видами флуд атак) является возможность осуществления атаки… …   Википедия

  • Ping de la mort — Le ping de la mort (en anglais ping of death ou PoD) est une attaque historique de type déni de service réalisé par l envoi de paquet ping malformé. Un ping a normalement une taille de 56 octets (soit 84 octets avec l entête IP), or… …   Wikipédia en Français

  • Ping — Este artículo o sección necesita ser wikificado con un formato acorde a las convenciones de estilo. Por favor, edítalo para que las cumpla. Mientras tanto, no elimines este aviso puesto el 16 de julio de 2011. También puedes ayudar wikificando… …   Wikipedia Español

  • Ping of death — A ping of death (abbreviated POD ) is a type of attack on a computer that involves sending a malformed or otherwise malicious ping to a computer. A ping is normally 64 bytes in size (or 84 bytes when IP header is considered); many computer… …   Wikipedia

  • Ping — is a computer network tool used to test whether a particular host is reachable across an IP network; it is also used to self test the network interface card of the computer, or as a speed test. It works by sending ICMP “echo request” packets to… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”