"ping attack"

Hi.
I've been playing an online game recently and i heared that some people can do "ping attacks" on other people, just that it doesnt reboot the attacked computers. but makes his internet laggy...
I have some knowledg about what is ping etc... (atleast i think i do) but i still dont get how they can do it so id like to know that and ofcourse how to defend myself against it.

thank you.
ofirkarinAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

TolomirAdministratorCommented:
Best way to defend against ping attacks is to block icmp packets.

This can be done with a personal firewall like zonealarm or even better a soho router with NAT support, so the ping requests will be simply dropped.

You computer gets busy because one could send a "65.000 byte ping answer" request as ping command, this way of cause your computer gets quite busy.

Tolomir

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
prasanna_lakkundiCommented:
Enable the firewall settings through your anti virus software which you protect your PC from any attack.

If you have a XP then you can enable the same from your Control Panel->Internet Firewall.
ofirkarinAuthor Commented:
Umm, i knew the firewalls suppose to defend from these kinds of stuff but i heared about some people who did it to others and im quite sure they had firewalls and still they got massive lags, so i guess there is a way to get arround it no ? well anyway, i also wanna understand how it possible, i mean, they attackers just go to comand promt and ping the ip with 65000 bytes or what ?
IT Pros Agree: AI and Machine Learning Key

We’d all like to think our company’s data is well protected, but when you ask IT professionals they admit the data probably is not as safe as it could be.

masnrockCommented:
Essentially you send a large number of ICMP packets of a fairly large size. But also, how is the firewall configured? Ideally, you just want it to drop the packets versus rejecting them. And yes, the attack is something that can be done from the command line, but I'm sure more than a few people are using actual utilities to generate that large amount of traffic for them.
Ste_GCommented:
Hi ofrikarin

Ping of death as it is called is a type of DoS attack in which the attacker sends a ping request that is larger than 65,536 bytes, which is the maximum size that IP allows. While a ping larger than 65,536 bytes is too large to fit in one packet that can be transmitted, TCP/IP allows a packet to be fragmented, essentially splitting the packet into smaller segments that are eventually reassembled. Attacks took advantage of this flaw by fragmenting packets that when received would total more than the allowed number of bytes and would effectively cause a buffer overload on the operating system at the receiving end, crashing the system.

It's very rare these days though as windows is quite up to date regarding these attacks, I game alot and sit behind a standard firewall. Lags these days are more likely cause by hardware, ie packet lose or choke.

I hope this has explained the process a little better for you.

Cheers
TolomirAdministratorCommented:
There are usecases when an incoming ping must be accepted for better performance, so one cannot block pings entirely. There are gameserveers relying on pings to the client computer to check the throughput / response time.

In case of ping attacks one has to block these pings of cause.

Tolomir
TolomirAdministratorCommented:
ofirkarinAuthor Commented:
Ste_G - I heared somewhere about pinging over that size but what im asking about is pinging someone to make his internet slow, not to reboot his machine...

From what i understand from all of you, its kinda immpossible to ping anyone today that's using a firewall cause the request will time out right ?
so i guess it was just rumors or something, just that it was really wierd, for example, i knew that someone is always pinging someone else, the minute the man would log on, you could see the other one gets laggy and all, and when the attacker will log out you could see that the attacked person was normall again... i dont know what to think really... and im sure the attacked person has standart windows xp firewall...

Anyway, thank you very much.
TolomirAdministratorCommented:
Of cause the internet becomes slow, if the network card has to answer big ping packets. Pings can eat up most part of the bandwidth if processed by the netword card and not dropped before.

Tolomir



ofirkarinAuthor Commented:
um ye, but as i understood, if the man has a firewall, its immpossible to ping him (?)
TolomirAdministratorCommented:
As I said, one could have the firewall configured to allow incoming pings.

But if the firewall is configured to drop those icmp-piong packets, no harm should be done to the computer. Of cause, if you send big packets to any computer/firewall etc. you reduce the possible download bandwidth so internet can become slow.

 
ofirkarinAuthor Commented:
aha, well ok, i think i get it more or less, but if i ping an ip adress which firewall is set to drop those packets, and i get request timed out, it has some effect ?
TolomirAdministratorCommented:
if you have 1000 computers all pinging that firewall - for sure...

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.