Question

In order to implement the classic DoS flood attack, the attacker must generate a sufficiently large volume of packets to exceed the capacity of the link to the target organization. Consider an attack using ICMP echo request (ping) packets that are 500 bytes in size (ignoring framing overhead). How many of these packets per second must the attacker send to flood a target organization using a 30-Mbps link? How many per second if the attacker uses a 100-Mbps link? Or a 1-Gbps link?

Answer 1

To flood a bandwidth of W bits with packets of length P bits, the attacker would need W/P packets.
1- For W=30 Mbit and P=500 byte=(500*8)=4000 bits

the attacker would need:

                W/P= 30M/(500*8) = (30*2^20)/(4000)

                      = 7864.32. That is, close to 7865 packets per second.

2- For W=100 Mbit and P=500 byte=(500*8)=4000 bits

the attacker would need:

                W/P= 100M/(500*8) = (100*2^20)/(4000)

                      = 26214.4. That is close to, 26215 packets per second.

3- For W=1Gbps and P=500 byte=(500*8)=4000 bits

the attacker would need:

                W/P= 1G/(500*8) = (2^30)/(4000)

                      = 268435.456. That is close to, 268436 packets per second.