Spoofing or Fraggle attacks

yukı edited this page Aug 24, 2023 · 2 revisions

Introduction:

Spoofing and Fraggle attacks are two distinct types of network-based Denial of Service (DoS) attacks that exploit vulnerabilities in network protocols to overwhelm victim servers or networks.

Understanding Spoofing Attacks:

Spoofing attacks involve the manipulation of network packet headers to falsify the source IP address. Attackers send network packets with forged source IP addresses, making it appear as if the packets originate from a different sender. By disguising their identity, attackers can bypass network security measures and launch various types of attacks, including DoS attacks. Spoofing attacks can overwhelm victim servers or networks with a flood of malicious traffic, leading to service disruptions and resource exhaustion.

Understanding Fraggle Attacks:

Fraggle attacks are a variant of Distributed Reflective Denial of Service (DRDoS) attacks that exploit amplification vulnerabilities in the ICMP and UDP protocols. Attackers send a high volume of spoofed packets to network devices that respond to ICMP or UDP requests, such as misconfigured routers or servers. These devices unwittingly amplify the incoming traffic by responding to the spoofed requests with significantly larger responses, directing a massive amount of traffic toward the target. Fraggle attacks can quickly overwhelm victim systems and exhaust their resources, resulting in service disruptions and network congestion.

Implications of Spoofing and Fraggle Attacks:

Spoofing and Fraggle attacks can have severe consequences for targeted systems and networks, including:

  • Denial of Service (DoS): Both spoofing and Fraggle attacks can lead to a denial of service by overwhelming victim servers or networks with excessive traffic. Legitimate users are unable to access services, causing financial losses, customer dissatisfaction, and reputational damage.

  • Resource Exhaustion: Spoofing and Fraggle attacks consume significant network and server resources. The volume of malicious traffic floods network links, routers, and servers, resulting in resource depletion, performance degradation, and potential system crashes.

  • Network Congestion: Fraggle attacks, in particular, create network congestion by amplifying and redirecting traffic to the target. The victim's network becomes saturated with amplified responses, leading to latency, packet loss, and degradation of overall network performance.

How the script deals with that:

We simply enable the reverse-path filter and disallow broadcast traffic, while blocking invalid packets and DNS/NTP reflection payloads, ensuring that your server can no longer be used as a TCP/ICMP/UDP reflector. But that's not all :)
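The mitigation described above, written out as an added example (this is not the project's own script): it assumes a Linux host with sysctl and iptables, and it omits the DNS/NTP payload matching the wiki mentions.

```shell
#!/bin/sh
# Added example, not the project's script: the kernel and netfilter settings
# behind the mitigation described above. With DRY_RUN=1 (the default here)
# the commands are only printed; run as root with DRY_RUN=0 to apply them.
DRY_RUN="${DRY_RUN:-1}"

run() {
  if [ "$DRY_RUN" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# Anti-spoofing on the kernel side: strict reverse-path filtering (rp_filter=1)
# drops packets whose source address would not be routed back out the
# interface they arrived on, and ignoring broadcast echo requests stops the
# host from acting as a Smurf/Fraggle-style amplifier.
harden_sysctl() {
  run sysctl -w net.ipv4.conf.all.rp_filter=1
  run sysctl -w net.ipv4.conf.default.rp_filter=1
  run sysctl -w net.ipv4.icmp_echo_ignore_broadcasts=1
  run sysctl -w net.ipv4.conf.all.accept_source_route=0
}

# Netfilter side: drop packets conntrack cannot tie to a known flow (INVALID)
# and anything addressed to a broadcast address, so no reflected reply leaves.
harden_iptables() {
  run iptables -A INPUT -m conntrack --ctstate INVALID -j DROP
  run iptables -A INPUT -m addrtype --dst-type BROADCAST -j DROP
}

# Check one sysctl key against its hardened value by reading /proc/sys.
# Returns 0 on match, 1 on mismatch, 2 when the key does not exist.
check_sysctl() {
  key="$1"; want="$2"
  path="/proc/sys/$(printf '%s' "$key" | tr . /)"
  [ -r "$path" ] || return 2
  [ "$(cat "$path")" = "$want" ]
}

# Report the live state of the hardening keys (informational only).
audit_sysctl() {
  for kv in net.ipv4.conf.all.rp_filter=1 \
            net.ipv4.icmp_echo_ignore_broadcasts=1 \
            net.ipv4.conf.all.accept_source_route=0; do
    key="${kv%=*}"; want="${kv#*=}"
    if check_sysctl "$key" "$want"; then printf 'ok   %s\n' "$kv"
    else printf 'WARN %s\n' "$kv"; fi
  done
}
```

Running `audit_sysctl` on a host shows which of the kernel-side settings are still at their default before any rules are applied.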