Malacious Pinging

2007 April 17
by 40urs3r1ous

PING 101


This is an introduction to the world of computer pinging. If your completely foreign to the concept, this is a good read. This is probably one of the fundamentals to the world of hacking, and a must know to anyone looking to get into such an area.

ICMP is used by the IP layer to send one-way informational messages to a host. There is no authentication in ICMP, which leads to attacks using ICMP that can result in a denial of service, or allowing the attacker to intercept packets. There are a few types of attacks that are associated with ICMP shown as follows:

  • ICMP DOS Attack : Attacker could use either the ICMP “Time exceeded” or “Destination unreachable” messages. Both of these ICMP messages can cause a host to immediately drop a connection. An attacker can make use of this by simply forging one of these ICMP messages, and sending it to one or both of the communicating hosts. Their connection will then be broken. The ICMP “Redirect” message is commonly used by gateways when a host has mistakenly assumed the destination is not on the local network. If an attacker forges an ICMP “Redirect” message, it can cause another host to send packets for certain connections through the attacker’s host.
  • ICMP packet magnification (or ICMP Smurf): An attacker sends forged ICMP echo packets to vulnerable networks’ broadcast addresses. All the systems on those networks send ICMP echo replies to the victim, consuming the target system’s available bandwidth and creating a denial of service (DoS) to legitimate traffic.
  • Ping of death: An attacker sends an ICMP echo request packet that’s larger than the maximum IP packet size. Since the received ICMP echo request packet is larger than the normal IP packet size, it’s fragmented. The target can’t reassemble the packets, so the OS crashes or reboots.
  • ICMP PING flood attack: A broadcast storm of pings overwhelms the target system so it can’t respond to legitimate traffic.
  • ICMP nuke attack: Nukes send a packet of information that the target OS can’t handle, which causes the system to crash.

ICMP Attacks Mitigation
Most ICMP attacks can be effectively reduced by deploying Firewalls at critical locations of a network to filter un-wanted traffic and from iffy destinations. In addition, to keep a reasonable balance between services and security, you should configure your ICMP parameters in your network devices as follows:

  • Allow pingCMP Echo-Request outbound and Echo-Reply messages inbound.
  • Allow tracerouteTTL-Exceeded and Port-Unreachable messages inbound.
  • Allow path MTUICMP Fragmentation-DF-Set messages inbound.
  • Blocking other types of ICMP traffic


^ICMP Smurf Attack^

lol…
If you’re wondering how you can take part in this kewl experience :D its actually very easy. All you need is a ping client (Command Prompt) or Dedicated Tool. A dedicated tool is just a small program that is designed to ping, and ping only. To save you the time of searching for a good, SAFE tool, ive uploaded one of my favs: (google it, its a safe and free dl)



Host: The Persons IP Address
Packet Size: How big the “file” your sending is
Pings: Number of Pings
Local Timeout: How Long It Takes For Each Ping

Example Of My Settings:
Host: 208.100.29.142:2302 (jk)
Packet Size: 64kb (the smaller the more effective i find, because our upload speeds are slow)
Pings: 5000
Local Timeout: 1

Possible Problems?

Well, if by now your asking why this sounds so easy,and wondering why people dont do it all the time? THERE IS A DOWNSIDE

Well, if by now your asking why this sounds so easy,and wondering why people dont do it all the time? THERE IS A DOWNSIDE

Today, technology is kick ass. Computers arnt stupid anymore for the most part, and will block your pings. If your target is using a router, you might not be able to ping them successfully. Also, if they have a desent firewall, you might have issues too. Allot of internet providers block abusive pings too…

All isnt lost tho, you can usually get lucky and find a way around. If you seriously have issues pinging you may want to read up on creating custom packets, where you “write” your own and give them the ability to by-pass a router’s security.

(Halo servers can be pinged very well, example)

(NOTICE THE PING TIMES ME AND VINNY GOT FROM THE HALO SERVER. AROUND 350-500)
-THAT WOULD BE YOUR PING IN THE SERVER…

from → Underground Tips

No comments yet

Leave a Reply

Note: You can use basic XHTML in your comments. Your email address will never be published.

Subscribe to this comment feed via RSS