BLACKNURSE Attack One Device Shutdown the Most Powerful Servers
Many of the cyber attacks in recent times have become more widespread are denial of service attacks that do not require skills in dramatic tests important. Imagine now the hacker easily reduces the denial of service package is very strong and imaginary and the lowest servers only all that Hua needs one computer only with BLACKNURSE attack .
The researchers have now confirmed that the hacker can launch an attack with limited resources only for one laptop and at the same time accept at least 15Mbps data and shutdown a large server.
The attack is called the BlackNurse Attack or the low rate of the Ping of Death attack.
The attack is executed by sending a small packet of ICMP packets, which are short for Internet Control Message Protocol or pings, which puts heavy pressure on firewall-protected server processors such as Cisc.
How does the attack work?
By sending ICMP packets Type 3 Hacker attacks DoS attack loading the server processor is a huge pressure as this server is protected by a firewall of the types we mentioned earlier in that there is no firewall that does not happen the attack of this type.
The attack is not large where the range of attack may be between 15Mbps to 18Mbps and the equivalent of 40 thousand to 50 thousand packets per second in that the devices in the network can not connect to the Internet in the event of an attack was continuing.
BlackNurse attack is more than a normal flood attack where it depends on ICMP Type 3 Code 3 (Port Unreachable).
– Cisco ASA 5506, 5515, 5525 (default settings)
– Cisco ASA 5550 (legacy) and 5515-X (latest generation)
– Cisco Router 897 (can be mitigated)
– SonicWall (misconfiguration can be changed and mitigated)
– Some unverified Palo Alto
– Zyxel NWA3560-N (wireless attack from LAN side)
– Zyxel Zywall USG50
Information security engineers can detect the attack by using special IDS tools such as SNORT to detect attack.
There has also been a significant increase in Denial of Service attacks in recent years due to significant damage to private companies and government facilities and may be more damaging than penetration.
There were also tools available to do this attack, checking the infected IP addresses and where Cisco has fixed the problem in the products. Many companies are still vulnerable to attacks, denial of service and causing the worst damage in history.