Jump to content

Ping flood

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Mindmatrix (talk | contribs) at 23:16, 16 February 2020 (revert - were you thinking of Xmas tree attack?). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

A ping flood is a simple denial-of-service attack where the attacker overwhelms the victim with ICMP "echo request" (ping) packets. This is most effective by using the flood option of ping which sends ICMP packets as fast as possible without waiting for replies. Most implementations of ping require the user to be privileged in order to specify the flood option. It is most successful if the attacker has more bandwidth than the victim (for instance an attacker with a DSL line and the victim on a dial-up modem). The attacker hopes that the victim will respond with ICMP "echo reply" packets, thus consuming both outgoing bandwidth as well as incoming bandwidth. If the target system is slow enough, it is possible to consume enough of its CPU cycles for a user to notice a significant slowdown.

A flood ping can also be used as a diagnostic for network packet loss and throughput issues.[1]

See also

References

  1. ^ "linux.redhat.release.nahant.general - Low bandwidth to localhost - msg#00176 - Programming Mailing Lists".