?
Solved

"ping attack"

Posted on 2006-03-27
13
Medium Priority
?
1,488 Views
Last Modified: 2010-03-05
Hi.
I've been playing an online game recently and i heared that some people can do "ping attacks" on other people, just that it doesnt reboot the attacked computers. but makes his internet laggy...
I have some knowledg about what is ping etc... (atleast i think i do) but i still dont get how they can do it so id like to know that and ofcourse how to defend myself against it.

thank you.
0
Comment
Question by:ofirkarin
13 Comments
 
LVL 27

Accepted Solution

by:
Tolomir earned 120 total points
ID: 16298720
Best way to defend against ping attacks is to block icmp packets.

This can be done with a personal firewall like zonealarm or even better a soho router with NAT support, so the ping requests will be simply dropped.

You computer gets busy because one could send a "65.000 byte ping answer" request as ping command, this way of cause your computer gets quite busy.

Tolomir
0
 
LVL 2

Assisted Solution

by:prasanna_lakkundi
prasanna_lakkundi earned 60 total points
ID: 16299077
Enable the firewall settings through your anti virus software which you protect your PC from any attack.

If you have a XP then you can enable the same from your Control Panel->Internet Firewall.
0
 

Author Comment

by:ofirkarin
ID: 16299186
Umm, i knew the firewalls suppose to defend from these kinds of stuff but i heared about some people who did it to others and im quite sure they had firewalls and still they got massive lags, so i guess there is a way to get arround it no ? well anyway, i also wanna understand how it possible, i mean, they attackers just go to comand promt and ping the ip with 65000 bytes or what ?
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 32

Assisted Solution

by:masnrock
masnrock earned 60 total points
ID: 16299372
Essentially you send a large number of ICMP packets of a fairly large size. But also, how is the firewall configured? Ideally, you just want it to drop the packets versus rejecting them. And yes, the attack is something that can be done from the command line, but I'm sure more than a few people are using actual utilities to generate that large amount of traffic for them.
0
 
LVL 1

Assisted Solution

by:Ste_G
Ste_G earned 60 total points
ID: 16299379
Hi ofrikarin

Ping of death as it is called is a type of DoS attack in which the attacker sends a ping request that is larger than 65,536 bytes, which is the maximum size that IP allows. While a ping larger than 65,536 bytes is too large to fit in one packet that can be transmitted, TCP/IP allows a packet to be fragmented, essentially splitting the packet into smaller segments that are eventually reassembled. Attacks took advantage of this flaw by fragmenting packets that when received would total more than the allowed number of bytes and would effectively cause a buffer overload on the operating system at the receiving end, crashing the system.

It's very rare these days though as windows is quite up to date regarding these attacks, I game alot and sit behind a standard firewall. Lags these days are more likely cause by hardware, ie packet lose or choke.

I hope this has explained the process a little better for you.

Cheers
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 16299391
There are usecases when an incoming ping must be accepted for better performance, so one cannot block pings entirely. There are gameserveers relying on pings to the client computer to check the throughput / response time.

In case of ping attacks one has to block these pings of cause.

Tolomir
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 16299403
0
 

Author Comment

by:ofirkarin
ID: 16299735
Ste_G - I heared somewhere about pinging over that size but what im asking about is pinging someone to make his internet slow, not to reboot his machine...

From what i understand from all of you, its kinda immpossible to ping anyone today that's using a firewall cause the request will time out right ?
so i guess it was just rumors or something, just that it was really wierd, for example, i knew that someone is always pinging someone else, the minute the man would log on, you could see the other one gets laggy and all, and when the attacker will log out you could see that the attacked person was normall again... i dont know what to think really... and im sure the attacked person has standart windows xp firewall...

Anyway, thank you very much.
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 16299812
Of cause the internet becomes slow, if the network card has to answer big ping packets. Pings can eat up most part of the bandwidth if processed by the netword card and not dropped before.

Tolomir



0
 

Author Comment

by:ofirkarin
ID: 16299831
um ye, but as i understood, if the man has a firewall, its immpossible to ping him (?)
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 16299907
As I said, one could have the firewall configured to allow incoming pings.

But if the firewall is configured to drop those icmp-piong packets, no harm should be done to the computer. Of cause, if you send big packets to any computer/firewall etc. you reduce the possible download bandwidth so internet can become slow.

 
0
 

Author Comment

by:ofirkarin
ID: 16299935
aha, well ok, i think i get it more or less, but if i ping an ip adress which firewall is set to drop those packets, and i get request timed out, it has some effect ?
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 16299980
if you have 1000 computers all pinging that firewall - for sure...

0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

An overview of cyber security, cyber crime, and personal protection against hackers. Includes a brief summary of the Equifax breach and why everyone should be aware of it. Other subjects include: how cyber security has failed to advance with technol…
Your business may be under attack from a silent enemy that is hard to detect. It works stealthily in the shadows to access and exploit your critical business information, sensitive confidential data and intellectual property, for commercial gain. T…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question