Problem:
Unauthorized users can disrupt your service or consume your available network bandwidth by sending a constant stream of forged ICMP packets to your system(s).
Known as a "Ping Flood" attack, computer hackers send a steady stream of PING packets (known as "echo request" packets) to your system(s). In many cases, this flood of traffic can consume system resources, and even consume significant amounts of bandwidth on mid to low speed connections (eg; T1 and below).
Solutions:
*
Block Traffic
In most cases, you can simply deny ICMP packets on your network firewalls to prevent the traffic from affecting your systems. However, since the traffic is still traversing your access line, you need to ensure your Internet Service Providor is involved.
*
Report abuse to your Internet Service Provider
When a Denial Of Service attack is detected on your systems, contact the Security Department of your Internet Service Providor to have them assist in tracking down the source of the active attack.
1 comment:
One of the oldest network attacks around. It's goal is to saturate the network with ICMP traffic. No very effective today, because it requires a large amount of bandwidth to be successful. However a small variation of the attack method can make it still feasible.
Recently I just came across a good article on "ICMP Overview"
Here is its link.
Post a Comment