leumas
asked on
Icmp flooding
What is icmp flooding ?
Thanks and Regards.
Thanks and Regards.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
> .. and your entire network just crumples down
which network? Not mine :-))
which network? Not mine :-))
IMO, Shoeb_786 is incorrect, in part merely rephrasing question.
ditto ahoffmann * 2
although more elaborate comments could be made
this not a good time (esp for 10p)
ditto ahoffmann * 2
although more elaborate comments could be made
this not a good time (esp for 10p)
ICMP flooding is basically just sending an echo request ICMP packet (like from a ping) to a broadcast address. Normally, NIC cards will only respond to their own IP address. However, they will also respond to the broadcast address for their subnet (which is generally the last address on the subnet). By sending the echo request to the broadcast address, *theoretically* every machine on the subnet will reply to the request with the ICMP echo reply packet. This kind of flooding becomes even more insidious when the requester uses a forged source IP address, because assuming the victim doesn't flood his router with the reply, the replies will all be directed at the forged source IP address, another hapless victim.
In practice, most routers or firewalls are set to not allow directed broadcasts. That will prevent this type of attack (at least from the outside).
In practice, most routers or firewalls are set to not allow directed broadcasts. That will prevent this type of attack (at least from the outside).
ping
ASKER
thx
ASKER
thx
ping -s 1000000 -t 255 -f -i 0.01 -l 1000000