O'Reilly logo

Network Security Principles and Practices by Saadat Malik

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Using ACLs to Recognize Denial of Service Attacks

ACLs on routers can serve the important purpose of recognizing attacks. This is a critical functionality that can allow a service provider to set up mechanisms to thwart an attack soon after it starts.

One of the most common ways of using an access list in this manner is to use it to recognize a packet flood in the form of a smurf attack. The following sections describe using a set of ACLs to achieve this goal.

Using an Access List to Recognize a Smurf Attack

A smurf attack, shown in Figure 21-3, is a DoS attack. An attacker sends a ping echo request to a broadcast address on a network. The source address of the echo request is the IP address of the attack's intended victim. Because the destination ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required