Ping flood

A ping flood is a simple denial-of-service attack where the attacker overwhelms the victim with ICMP "echo request" (ping) packets.[1] This is most effective by using the flood option of ping which sends ICMP packets as fast as possible without waiting for replies. Most implementations of ping require the user to be privileged in order to specify the flood option. It is most successful if the attacker has more bandwidth than the victim (for instance an attacker with a DSL line and the victim on a dial-up modem). The attacker hopes that the victim will respond with ICMP "echo reply" packets, thus consuming both outgoing bandwidth as well as incoming bandwidth. If the target system is slow enough, it is possible to consume enough of its CPU cycles for a user to notice a significant slowdown.

A ping flood can also be used as a diagnostic for network packet loss and throughput issues.[2]

  1. ^ Stiawan, Deris; Suryani, Meilinda Eka; Susanto; Idris, Mohd Yazid; Aldalaien, Muawya N.; Alsharif, Nizar; Budiarto, Rahmat (2021). "Ping Flood Attack Pattern Recognition Using a K-Means Algorithm in an Internet of Things (IoT) Network". IEEE Access. 9: 116475–116484. doi:10.1109/ACCESS.2021.3105517. ISSN 2169-3536. S2CID 237319101.
  2. ^ "linux.redhat.release.nahant.general - Low bandwidth to localhost - msg#00176 - Programming Mailing Lists". 6 November 2020.