How to enable ICMP ECHO but still protect against ICMP DoS attacks? [WAS: Are ICMP packets not important for a hosted machine?]

[shimi]

On Tue, Oct 19, 2010 at 9:34 PM, Maxim Veksler <maxim at vekslers.org> wrote:

> Follow up question:
>
> ICMP can be used for DoS. Cool.
>
> How does google battle with that? All google services are ping'able (which
> is very cool obviously).
>
>
DoSing 10k's (100k's ?) on a worldwide geographically distributed cloud of
servers is a bit more difficult than one (10. 100. typical hosting
facility..), for starters. I assume they also do rate limiting on how much
you can ping them, and just discard attacks when it goes above a certain
threhold. I know I do :)


> How do they protect against the attack?, surly there are enough script
> kiddies that constantly try to DoS Google.
>
>
See above. They also have a similar limit on the HTTP level; If you query
google too much from a single IP, you'll be blocked and they'll refuse to
solve queries for you, before you solve their CAPTCHA.

-- Shimi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20101019/07532f97/attachment.html>