Ping Flood and Ping of Death are two commonly perpetrated DoS (Denial of Service) attacks. What are they, and how can they be prevented? Let's look at them in more detail.
What is Ping Flood?
Ping Flood is a Denial of Service Attack. In this attack, the attacker sends a large number of ICMP Echo requests or ping packets to the targeted victim’s IP address. Attackers mostly use the flood option of ping. As a result, the victim’s machine starts responding to each ICMP packet by sending an ICMP Echo Reply packet.
The victim's machine therefore spends bandwidth twice for every packet the attacker sends: once to receive the request and once to send the reply. So, if the attacker already has much higher bandwidth than the victim, the victim's machine will be flooded with network traffic. It will also consume a large number of CPU cycles answering the requests and slow down noticeably. This attack is called Ping Flood.
What is the Ping of Death attack?
A correctly formed ping packet is typically 56 bytes in size, but any IPv4 packet may be as large as 65,535 bytes. If the attacker sends a malformed and very large ping packet to the victim's IP address, the IP packet is split into multiple fragments on its way to the targeted victim. When the victim's machine reassembles the IP fragments, it ends up with an IP packet that is larger than 65,535 bytes. If the victim's computer cannot handle that properly, a buffer overflow happens. It can result in a system crash and potentially allow the injection of malicious code. This type of attack is called the Ping of Death.
An easy way to prevent these attacks is to configure the router or firewall to ignore unnecessary ICMP or ping packets from the Internet.
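The reassembly overflow described above can be rejected one fragment at a time, before any reassembly buffer is written: a fragment whose offset plus payload plus header exceeds 65,535 bytes can never belong to a valid IPv4 packet. The following is an added example, not code from the original article; the function names are hypothetical and the sample headers are constructed for illustration.

```python
import struct

MAX_IPV4_PACKET = 65535  # largest size the 16-bit Total Length field can express

def parse_fragment(packet: bytes):
    """Return (header_len, payload_len, byte_offset, more_fragments) for one IPv4 packet."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total_len, _, flags_frag = struct.unpack("!BBHHH", packet[:8])
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    header_len = (ver_ihl & 0x0F) * 4          # IHL counts 32-bit words
    if header_len < 20 or total_len < header_len:
        raise ValueError("inconsistent header lengths")
    byte_offset = (flags_frag & 0x1FFF) * 8    # fragment offset counts 8-byte units
    more_fragments = bool(flags_frag & 0x2000)
    return header_len, total_len - header_len, byte_offset, more_fragments

def reassembled_size(packet: bytes) -> int:
    """Smallest size the reassembled packet must have if this fragment is accepted."""
    header_len, payload_len, byte_offset, _ = parse_fragment(packet)
    return header_len + byte_offset + payload_len

def is_oversized_fragment(packet: bytes) -> bool:
    """True when accepting this fragment would push reassembly past 65,535 bytes."""
    return reassembled_size(packet) > MAX_IPV4_PACKET

def build_header(total_len: int, offset_units: int, more: bool) -> bytes:
    """Constructed 20-byte ICMP-over-IPv4 header (checksum left at 0, documentation addresses)."""
    flags_frag = (0x2000 if more else 0) | offset_units
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, flags_frag,
                       64, 1, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))

# Constructed samples: only headers are needed because Total Length carries the payload size.
NORMAL_PING = build_header(84, 0, False)       # unfragmented ping
LAST_LEGAL = build_header(23, 8189, False)     # ends exactly at byte 65,535
OVERSIZED = build_header(1500, 8189, False)    # final fragment that overruns the limit

if __name__ == "__main__":
    for name, pkt in [("normal", NORMAL_PING), ("edge", LAST_LEGAL), ("oversized", OVERSIZED)]:
        print(name, reassembled_size(pkt), "DROP" if is_oversized_fragment(pkt) else "ok")
```

The edge case matters: a fragment that ends exactly at byte 65,535 is legal and must pass, so the comparison is strictly greater-than.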
Interested readers can find more information on protecting servers from DDoS attacks here: How to protect your servers from DDoS attacks?