virus logo Intrusion Prevention

icmp_flood

description-logoDescription

This indicates the rate of ICMP packet to an IP address is above specified threshold level.
This indicate possible ICMP flood attack that is usually accomplished by broadcasting a large mass of ICMP echo request packets. During the attack, spoofed IP packets containing ICMP echo request with a source address equal to that of the target system and a broadcast destination address are sent to the intermediate netowrk. Sending an ICMP echo request to a broadcast address triggers all hosts included in the network to respond with an ICMP echo reply packet, thus creating a large mass of packets which are routed to the spoofed address of the target system. The target system is then slowed down or even crashed by the flooding packets.

affected-products-logoAffected Products

Any unprotected system that is connected to the Internet

Impact logoImpact

Denial of Service

recomended-action-logoRecommended Actions

Block the abnormal traffic using FortiGate.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 16777316
Created Jul 25, 2012
Updated Dec 02, 2014
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Default Action Unavailable
Active