Wireless Security - Layer 3 DoS


The idea of this Layer 3 DoS is to overwhelm the host with a large volume of traffic to process, resulting in crashing of a host. Most often, this type of attack is originated from a set of hacker-owned hosts, called botnet and is targeting the victim server on the internet.

The three most common types of Layer 3 DoS attacks are −

Fraggle Attack

Attacker sends a large amount of UDP echo requests to IP broadcast address. The source IP address is spoofed and is set to a victim IP address. By doing that, all the replies originated on by the clients on the broadcast subnet are sent back to the victim.

Ping Flood Attack

Attacker sends a large number of ICMP packet to the target computer using ping. Imagine a malicious party that owns botnet of thousands of PCs. If we imagine a ping flood attack running at the same time from all of those PC, then it may become pretty serious.

Smurf Attack

Exactly the same step by step operation, as in case of Fraggle Attack. The only difference is that, Smurf attack uses ICMP echo request packets, opposite to Fraggle attack that uses UDP packets.

These type of Layer 3 DoS attacks are not specifically wireless technology attacks. They can be used over any Layer 2 technology, either Ethernet, Frame Relay, ATM or Wireless. The main requirement of this attack to be successful, is that the attacker is in control of a large amount of overtaken PCs (botnet). Then particular packets are sent to the target from each and every single infected host in the Botnet - assuming that botnet has 1000+ devices, the cumulative traffic may be significant. Using a Layer 3 DoS from a single PC is not effective at all.