Ping flooding (fwd)
David R. Conrad
davidc at apnic.net
Tue Jul 9 02:57:23 UTC 1996
>yes, forging a ping attack is pretty easy and can be done from
>anywhere with any source address
Yeah, but forging TCP syn attacks are more fun (fill up those TCBs).
Denial of service attacks are a real pain, particularly as they are so
easy to implement and so hard to defend against. Of course, this
isn't limited to the Internet (as a person who has been victimized by
a rapid redailing fax machine at 4:00 AM can attest).
>the routing proximity is irrelavant, since the
>source is not looked at (unless filters have been put in place, such
>as what the upstream provider has apparently done).
About the only way you can stop this attack would be for ISPs to
filter out bogus source addresses from their customers. Of course,
then the mobile IP people would whine. However, given a future of
more attacks of this nature, I think the mobile IP people are going to
More information about the NANOG