From: "Saved by Windows Internet Explorer 9" Subject: Packet drop attack - Wikipedia, the free encyclopedia Date: Mon, 27 Feb 2012 18:25:16 +0800 MIME-Version: 1.0 Content-Type: multipart/related; type="text/html"; boundary="----=_NextPart_000_0000_01CCF57D.2770C200" X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6002.18463 This is a multi-part message in MIME format. ------=_NextPart_000_0000_01CCF57D.2770C200 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Location: http://en.wikipedia.org/wiki/Packet_drop_attack =EF=BB=BF
In computer=20 networking, a packet drop attack or blackhole attack = is a type=20 of denial-of-= service=20 attack in which a router that is supposed to relay pac= kets=20 instead discards them. This usually occurs from a router becoming = compromised=20 from a number of different causes. One cause mentioned in research is = through a=20 denial-of-service attack on the router using a known DDoS tool.[1]=20 Because packets are routinely dropped from a lossy network, the packet = drop=20 attack is very hard to detect and prevent.
The malicious router can also accomplish this attack selectively, = e.g. by=20 dropping packets for a particular network destination, at a certain time = of the=20 day, a packet every n packets or every t seconds, or a = randomly=20 selected portion of the packets. This is rather called a gray hole=20 attack. If the malicious router attempts to drop all packets that = come in,=20 the attack can actually be discovered fairly quickly through common = networking=20 tools such as traceroute. Also, when other routers notice that the = compromised=20 router is dropping all traffic, they will generally begin to remove that = router=20 from their forwarding tables and eventually no traffic will flow to the = attack.=20 However, if the malicious router begins dropping packets on a specific = time=20 period or over every n packets, it is often harder to detect = because some=20 traffic still flows across the network.[1]
The packet drop attack can be frequently deployed to attack Wireless = Ad-Hoc=20 Networks. Because wireless networks have a much different architecture = than that=20 of a typical wired network, a host can broadcast that it has the = shortest path=20 towards a destination. By doing this, all traffic will be directed to = the host=20 that has been compromised, and the host is able to drop packets at = will.[2]=20 Also over a Mobile Ad-Hoc Network, hosts are specifically vulnerable to=20 collaborative attacks where multiple hosts will become compromised and = deceive=20 the other hosts on the network.[3]
= | This computer networking article is a stub. You = can help=20 Wikipedia by expanding=20 it. |