What could be the likely cause of this?

Peter has been monitoring his IDS and sees that there are a huge number of ICMP Echo Reply packets that are being received on the External Gateway interface. Further inspection reveals they are not responses from internal hosts request but simply responses coming from the Internet. What could be the likely cause of this?

Peter has been monitoring his IDS and sees that there are a huge number of ICMP Echo Reply packets that are being received on the External Gateway interface. Further inspection reveals they are not responses from internal hosts request but simply responses coming from the Internet. What could be the likely cause of this?

A.
Someone Spoofed Peter’s IP Address while doing a land attack

B.
Someone Spoofed Peter’s IP Address while doing a DoS attack

C.
Someone Spoofed Peter’s IP Address while doing a smurf Attack

D.
Someone Spoofed Peter’s IP address while doing a fraggle attack

Explanation:
An attacker sends forged ICMP echo packets to broadcast addresses of vulnerable networks with forged source address pointing to the target (victim) of the attack. All the systems on these networks reply to the victim with ICMP echo replies. This rapidly exhausts the bandwidth available to the target.



Leave a Reply 0

Your email address will not be published. Required fields are marked *