DDoS Attack : ICMP Flood (Ping Flood)
ICMP (Ping) Flood
One of DDoS Attack method is by volume based attack. ICMP flood or ping flood is the common attack in volume based attack.
What Is A ICMP Flood or Ping Flood Attack
ICMP flood which is better known as ping flood, is a frequent Denial of Service (DoS) attack that in this attack the attacker takes down a computer of the victim by crushing it with ICMP echo request or referred as pings.
The attack contain flooding the victim network with request packets, with aware that the network will respond with equivalent of reply packets. For some cases, there are additional methods in order to takes down the victim’s computer with ICMP requests that including using tool or code. The tools or code is custum, such as scapy and hping.
Read : DDoS Attack : TCP SYN Flood
The tension from the incoming and outgoing channels of the network, wasting significant bandwidth and which produce a denial of service (DoS).
Description Of The Attack
Usually, in order to test the connectivity of two computers using ping request by measuring the round-trip time from when an ICMP echo request is sent and received with an ICMP echo reply. The attacker used to overload a target network with data packets during an attack.
A ping flood attack is excecute dependent on perspective of attackers on the target’s IP address. Thus, the attack can be divided into three categories, based on the target and how its IP address is resolved.
- A targeted local disclosed ping flood targets only a computer on a local network. In order to discover its IP address, the attacker mush have physical access to the computer. If the attack success, it could be takes down the computer target.
- A router disclosed ping flood targets router in purpose to interfere communications between computers on a network. It depend on the knowledge of attacker about the internal IP address of a local router. If the attack success, it could takes down the entire computer that connected to the router.
- A blind ping flood require an external program in order to expose the IP address of the target computer or router..
The ping commands that commonly used by attacker are contain number if times a request is sent (-n), the amount of data sent with each packet (-l) and continue pinging until the host times out (-t).
For the information, the attacking computer mush have more bandwidth access than the victim in order for a ping flood to continual. When against a huge network, this is limitation of execute a Dos attack.
Furthermore, Execute a DDoS attack have a a lot of chance of undergo a ping flood and wasting a target’s resources, if using a botnet.