Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ICMP Attacks???????

  • From: Alex Rubenstein
  • Date: Fri Aug 15 12:20:03 1997

Yes. It was interesting. My understanding is that what I am about to tell
you is old news, but here:

Attacker sends a packet with a source address of the victim, with a dest
address to the broadcast of a (pick any) network. Every machine on the
network will then respond with a ICMP reply to the 'source' (the victim).

My understanding is that a 28.8 users could easily fill a T1 (or more)
with this method. We have no proof, but someone did this to us from what
appears to be a ISDN account from PSI, and filled 6 - 7 mb/s of our
Ethernet genuity connection in doing so. It was *not* cool.


On Fri, 15 Aug 1997, Network Admin Account wrote:

> 
> Has anyone been resently attacked by massive flood pings??????  We are
> trying to locate any other ISP's or anyone else having the same problem. 
> 
> 





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.