SpywareGuide powered by Actiance Security Labs
Search SpywareGuide Database & Site
Home Access the Guide
List of Products List of Companies List of Categories
Tools
X-RayPC
Terms and Definitions
 

Ping Flood

Type: Attack

A ping flood is a simple Denial of service attack where the attacker overwhelms the victim with ICMP Echo Request (ping) packets. It only succeeds if the attacker has more bandwidth than the victim (for instance an attacker with a T1 line and the victim on a dial-up modem). The attacker hopes that the victim will respond with ICMP Echo Reply packets, thus consuming outgoing bandwidth as well as incoming bandwidth.


Defense:

To reduce the effects of a ping flood, the victim can use a firewall to filter the incoming ICMP Echo Request packets. This would make his computer not answer back with the ICMP Echo Reply packets.

In this case the defender wastes less bandwidth by not answering these packets with outgoing.

It gets more difficult for the attacker to measure the effectiveness of the attack.

The most effective strategy is to filter only large ICMP Echo Request packets.

In this attack note that you cannot trust the source IP address to be the address of which the packets are originating from since it can be spoofed to make it appear coming from another address. Each packet can also be spoofed to contain a random generated address.

Browse other terms

Recent Modifications
Notice: Undefined variable: incprefix in /data/www/spywareguide/term_show.php on line 144
2022-4-20  Adult Networks/Services
2017-2-10  Adult Hosts
2016-3-30  CoolWebSearch
2015-9-29  Malicious URLS
2015-5-19  Dialers
2015-1-5  Email Threats
2013-7-20  Date Manager
2013-4-10  BeeBus
2012-12-18  JT.Moonwalk
2012-12-18  Sadbiz
 
Company  | Site and Spyware FAQ
© Copyright 2003- Notice: Use of undefined constant Y - assumed 'Y' in /data/www/spywareguide/term_show.php on line 176 2022, Actiance, Inc. All rights reserved.   Privacy Policy