Page tree


An ICMP flood attack is also known as a ping attack in which attackers send a large number of ICMP ping packets to a DNS server repeatedly in order to hinder the server's ability to respond to other requests. It can also be an attempt to send a large number of ping packets to the broadcast IP of a subnetwork, otherwise known as a Smurf attack, as a basic means of amplifying an attack across more hosts than a normal ping would typically permit. These types of attacks can be dealt with by setting a policy to disallow pings to the broadcast IP on the network.


When threat protection is enabled, ICMP ping size (for IPv4 and IPv6) is limited to 16,000 bytes.

This page has no comments.