Samantha works as an Ethical Hacker for we-are-secure Inc. She wants to test the security of the
we-are-secure server for DoS attacks. She sends large number of ICMP ECHO packets to the
target computer. Which of the following DoS attacking techniques will she use to accomplish the
task?
A.
Smurf dos attack
B.
Land attack
C.
Ping flood attack
D.
Teardrop attack
Explanation:
According to the scenario, Samantha is using the ping flood attack. In a ping flood
attack, an attacker sends a large number of ICMP packets to the target computer using the ping
command, i.e., ping -f target_IP_address. When the target computer receives these packets in
large quantities, it does not respond and hangs. However, for such an attack to take place, the
attacker must have sufficient Internet bandwidth, because if the target responds with an “ECHO
reply ICMP packet” message, the attacker must have both the incoming and outgoing bandwidths
large amount of ICMP echo request traffic to the IP broadcast addresses. These ICMP requests
have a spoofed source address of the intended victim. If the routing device delivering traffic to
those broadcast addresses delivers the IP broadcast to all the hosts, most of the IP addresses
send an ECHO reply message. However, on a multi- access broadcast network, hundreds ofcomputers might reply to each packet when the target network is overwhelmed by all the
messages sent simultaneously. Due to this, the network becomes unable to provide services to all
are sent to the target computer with overlapping offset field values. As a result, the target
B is incorrect. In a land attack, the attacker sends a spoofed TCP SYN packet in which the IP
address of the target is filled in both the source and destination fields. On receiving the spoofed
packet, the target system becomes confused and goes into a frozen state. Now-a-days, antivirus
can easily detect such an attack.