Question

In: Computer Science

Describe the services of the IP protocol, and potentially ICMP protocol, with respect to flow control...

Describe the services of the IP protocol, and potentially ICMP protocol, with respect to flow control (ensuring the sender does not overwhelm the receiver).

Solutions

Expert Solution

IP Protocol

The IP protocol and its associated routing protocols are possibly the most significant of the entire TCP/IP suite. IP is responsible for the following:

  • IP addressing – The IP addressing conventions are part of the IP protocol. Chapter 3, Planning Your TCP/IP Network (Task) describes IPv4 addressing in detail and Chapter 14, IPv6 (Overview) describes IPv6 addressing in detail.

  • Host-to-host communications – IP determines the path a packet must take, based on the receiving host's IP address.

  • Packet formatting – IP assembles packets into units that are known as IP datagrams. Datagrams are fully described in Internet Layer.

  • Fragmentation – If a packet is too large for transmission over the network media, IP on the sending host breaks the packet into smaller fragments. IP on the receiving host then reconstructs the fragments into the original packet.

What is Internet Control Message Protocol (ICMP)?
Internet Control Message Protocol (ICMP) is a network layer protocol used by network devices to diagnose network communication issues. ICMP is primarily used to determine whether data reaches its intended destination in a timely manner. Usually, ICMP protocol is used on network devices, such as routers. ICMP is important for error reporting and testing, but can also be used for distributed DDoS attacks.

Why does ICMP work?
The main purpose of ICMP is to report an error. When two devices are connected to the Internet, ICMP creates sharing errors with the sending device in case any data does not reach its intended destination. For example, if the data packet is too large for the router, the router will discard the package and send the ICMP message back to the original data source.

The second use of the ICMP protocol is to perform network diagnoses; The most widely used storage devices traceroute and ping both use ICMP. The use of traceroute is used to show the route between two Internet devices. Route is a realistic route for connected routers where the application must pass before it can reach its destination. Trips between one track and another are known as ‘hop,’ and the tracker track also reports the time required for each hop on the way. This can be helpful in determining the sources of network delays.

The use of ping is a simplified version of traceroute. The ping will check the connection speed between the two devices and accurately report how long it takes the data packet to reach its destination and back to the sender device. Although ping does not provide route data or hops, it is still a very useful metrics for measuring latency between two devices. ICMP echo-request and echo response messages are widely used for ping purposes.

Unfortunately network attacks can use this process, creating disruptive mechanisms such as ICMP flood attacks and death ping attacks.

How does ICMP work?
Unlike Internet Protocol (IP), ICMP is not associated with transaction layer protocols such as TCP or UDP. This makes ICMP a non-connecting protocol: one device does not need to open a connection to another device before sending an ICMP message. Normal IP traffic is transmitted using TCP, which means that any two data exchange devices will first perform TCP handshakes to ensure that both devices are ready to receive data. ICMP does not open to open this way. The ICMP protocol also does not allow directing of a specific port on the device.

How is ICMP used in DDoS attacks?
ICMP flood attacks

Ping flood or ICMP flood is when the attacker tries to eradicate the device identified by the ICMP echo application packets. The target must be processed and responded to in each package, consuming computer resources until legitimate users can access the service.

ICMP flood attack:

Ping of death attack

A deadly ping attack is when the attacker sends a ping larger than the maximum allowable packet size to the target machine, causing the machine to catch or explode. The packet is split along the path to the target, but when the target reassembles the packet with its original high-rise size, the size of the pack creates buffer overcrowding.

The ping of death attacks is particularly historical at this point. However, older communication devices may still be affected.

Smurf Attack

In an attack on Smurf, the attacker sends an ICMP package containing a fraudulent IP source address. Network resources turn the package on, send responses to the disabled IP and fill the victim with unwanted ICMP packets. Like the ‘ping of death,’ today Smurf attacks are only possible with legacy machines.

ICMP is not the only network layer process used for layer 3 DDoS attacks. Attackers have used GRE packets in the past, for example.

Typically, the DDoS network layer attacks network infrastructure and infrastructure, in contrast to the application layer attack, which identifies web structures. Cloudflare Magic Transit is one of the best ways to protect against DDoS network attacks.


Related Solutions

Describe the concept of flow control and briefly describe the mechanism/s implemented by the TCP protocol...
Describe the concept of flow control and briefly describe the mechanism/s implemented by the TCP protocol for this purpose.
•Describe security problems inherent to the TCP/IP protocol suite..
•Describe security problems inherent to the TCP/IP protocol suite..
Briefly explain the Flow Control mechanism in Transmission Control Protocol (TCP)
Briefly explain the Flow Control mechanism in Transmission Control Protocol (TCP)
Describe the service TCP provides with respect to flow control and explain the mechanisms it uses...
Describe the service TCP provides with respect to flow control and explain the mechanisms it uses to overcome the deficiencies of IP.
1) a) Describe the design principles of the TCP/IP protocol that explain the decentralised nature of...
1) a) Describe the design principles of the TCP/IP protocol that explain the decentralised nature of the Internet and Web. How does the TCP/IP protocol promote decentralisation? b) Explain how individual machines and end users are empowered by the TCP/IP and HTTP protocols. Give illustrations to support your answers.
Describe the difference between IP and Network Access layer in TCP protocol and also explain the...
Describe the difference between IP and Network Access layer in TCP protocol and also explain the control information embedded in these two layers
Describe the major benefits and concerns of installing Internet Protocol (IP) based cameras for surveillance systems....
Describe the major benefits and concerns of installing Internet Protocol (IP) based cameras for surveillance systems. Name four building types that are suitable for adopting IP-based cameras.。。。。
Explain the sliding window flow protocol and discuss the advantages of this protocol.
Explain the sliding window flow protocol and discuss the advantages of this protocol.
What is the form of an IP address? What protocol is used by all computer connections...
What is the form of an IP address? What protocol is used by all computer connections to the Internet? 1.5 What is the task of a DNS name server?
A protocol architecture, such as the TCP/IP architecture or OSI, provides a framework for standardization. Within...
A protocol architecture, such as the TCP/IP architecture or OSI, provides a framework for standardization. Within such an architecture, the overall communications function is decomposed into a number of distinct layers with a special design principle used. What is this principle and how does it work? Describe in detail.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT