CAPEC-487
Benachrichtigung für ein CAPEC
Bleiben Sie über alle Änderungen zu einem bestimmten CAPEC informiert.
CAPEC-Beschreibungen
An adversary may execute a flooding attack using the ICMP protocol with the intent to deny legitimate users access to a service by consuming the available network bandwidth. A typical attack involves a victim server receiving ICMP packets at a high rate from a wide range of source addresses. Additionally, due to the session-less nature of the ICMP protocol, the source of a packet is easily spoofed making it difficult to find the source of the attack.
CAPEC-Informationen
Voraussetzungen
This type of an attack requires the ability to generate a large amount of ICMP traffic to send to the target server.Gegenmaßnahmen
To mitigate this type of an attack, an organization can enable ingress filtering. Additionally modifications to BGP like black hole routing and sinkhole routing(RFC3882) help mitigate the spoofed source IP nature of these attacks.Verwandte Schwachstellen
| Name der Schwachstelle | |
|---|---|
CWE-770 |
Allocation of Resources Without Limits or Throttling The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated. |
Einreichung
| Name | Organisation | Datum | Veröffentlichungsdatum |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Änderungen
| Name | Organisation | Datum | Kommentar |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Related_Weaknesses | |
| CAPEC Content Team | The MITRE Corporation | Updated Taxonomy_Mappings | |
| CAPEC Content Team | The MITRE Corporation | Updated Taxonomy_Mappings |
