What Is A Ping (ICMP) Flood DDOS Attack?

Table of Contents

What Is A Ping (ICMP) Flood Attack?

  • Internet Control Message Protocol (ICMP) ping requests are used to check for connectivity and the health of networking devices.
  • In a legitimate ICMP ping, the recipient device replies to an ICMP echo request. The response indicates the health of the recipient.
  • Ping flood attack, commonly called ICMP flood attack, is a form of DDoS attack in which an attacker floods the recipient device by overwhelming it with ICMP echo requests, also known as pings.

How Does A Ping Flood Attack Work?

  • To execute a Ping flood attack, the attacker must know the IP address of the recipient device.
  • For a successful and sustained Ping flood attack, the attacker must have more network bandwidth than the target network. In order to make it viable to overwhelm a target system, attackers generally use botnets.
  • In a Ping flood attack, the recipient device, whose IP address is targeted, is flooded with ICMP echo requests. There is an expectation that the recipient device will reply to an ICMP echo request.
  • To make the target device unreachable and unable to respond to legitimate requests, the attacker floods the target device continuously.
How Does A TCP Flood Attack Work

How Is A Ping Flood Attack Mitigated?

  • It is advisable to monitor the ICMP ping requests on a target device. The target network may implement volume and rate limits to prevent Ping flood attack.
  • Since a Ping flood attack requires a valid IP address to target, secure internal networks using firewalls.
  • In cases of sudden peaks in requests limit the number of ICMP messages and ping requests. Newer approaches block attacks without impacting legitimate traffic by using machine-learning and behavioral-based algorithms to understand what constitutes legitimate behavior profile and then automatically block malicious attacks. This increases protection accuracy while minimizing false positives

Related articles

Radware’s related products

Cloud DDoS Protection Service
Preemptive Multi-Layered DDoS Protection
Research

Hacker’s Almanac

A field guide to understanding and applying threat intelligence for a modern security strategy

Read more

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Contact Us Now

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center
CyberPedia

Close

What are you looking for?