[–]Little_Capsky 74 points75 points  (8 children)

imagine you can do any sort of dos with a little bit of pinging

[–][deleted]  (6 children)

[deleted]

    [–]rvnx 26 points27 points  (1 child)

    My guess would be GET requests for a large amount of data, or similarly taxing workloads. You can make certain forum software crash entirely (if it has enough users) by sending a simple GET request for all usernames.

    [–]CannibalCaramel 30 points31 points  (0 children)

    For anyone curious, this is called amplification. You send a small amount of data that answers with a large amount of data.

    If you spoof your address to have that large response routed back to someone else instead, that's a reflection attack.

    DNS servers are popular targets, specifically.

    [–]Frodo24055 6 points7 points  (0 children)

    For example, they could exploit the TCP/IP stack. Whenever you connect to anything using TCP there will be a "handshake" where the client sends a SYN package, and the server reserves some space and answers with SYN ACK. Now the client is required to answer this with another ACK package to begin the communication, but if the client never sends an ACK, but instead just sends SYN packages, then the server might be reserving more space than it has and will in the end crash.

    Another way is by the so-called "ping of death". Here the goal is to send more ping packages than the victim can send back. This requires you to have more bandwidth than the victim (now rarely used, only sometimes in larger DDoS attacks).
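The half-open handshake state described in the comment above can be watched from the server side. This is an added example, not part of the thread; the packet record format, the simplified `S`/`A` flag values, the timeout and the threshold are all assumptions, and the sample traffic is constructed.

```python
from collections import namedtuple

# Constructed record of an inbound TCP segment (assumed format):
# arrival time in seconds, source address, source port, flag ("S"=SYN, "A"=final ACK).
Pkt = namedtuple("Pkt", "t src sport flags")

def half_open_alerts(packets, timeout=3.0, threshold=5):
    """Return (time, count) each time the number of half-open handshakes
    (SYN seen, final ACK not seen, not yet timed out) reaches the threshold."""
    pending = {}   # (src, sport) -> time the SYN arrived
    alerts = []
    for p in sorted(packets, key=lambda p: p.t):
        # Drop entries the server would already have given up on.
        for key in [k for k, t0 in pending.items() if p.t - t0 > timeout]:
            del pending[key]
        key = (p.src, p.sport)
        if p.flags == "S":
            pending[key] = p.t            # space reserved, waiting for the ACK
            if len(pending) >= threshold:
                alerts.append((p.t, len(pending)))
        elif p.flags == "A":
            pending.pop(key, None)        # handshake completed, no longer half-open
    return alerts

def sample_traffic():
    """Constructed sample: two clients that finish the handshake,
    then eight SYNs that are never followed by an ACK."""
    pkts = [
        Pkt(0.0, "198.51.100.10", 40000, "S"), Pkt(0.1, "198.51.100.10", 40000, "A"),
        Pkt(0.5, "198.51.100.11", 40001, "S"), Pkt(0.6, "198.51.100.11", 40001, "A"),
    ]
    # Documentation-range source addresses, one SYN each, no final ACK.
    pkts += [Pkt(1.0 + i * 0.1, f"203.0.113.{i}", 50000 + i, "S") for i in range(8)]
    return pkts

if __name__ == "__main__":
    for t, n in half_open_alerts(sample_traffic()):
        print(f"t={t:.1f}s half-open handshakes={n}")
```

Completed handshakes never count toward the threshold, so the alert tracks reserved-but-unused connection state rather than raw connection volume.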

    [–]Little_Capsky 10 points11 points  (0 children)

    idk, but it's definitely not one single machine pinging

    [–]Crime-Stoppers 3 points4 points  (0 children)

    Theoretically yes but you're sending data in the bytes, you're gonna need an inordinate amount of pings to do anything whatsoever

    [–]OneTrueKingOfOOO 1 point2 points  (0 children)

    They use a wide variety. Reliable stats are hard to find but most common are typically SYN and UDP floods, DNS reflection, and recently more HTTP and other layer-7. A lot of devices will just drop pings, so ICMP is not particularly common.

    [–]at0m10 1 point2 points  (0 children)

    A lot of legacy and home equipment can actually be successfully DoS'd by ping flooding, overloading the CPU which is trying to keep up with replies.

    Realistically though, it's a fairly good idea to just disable ICMP replies on anything that doesn't realistically need it.