IP Address Sweeps

An address sweep occurs when one source IP address sends a defined number of ICMP packets sent to different hosts within a defined interval (5000 microseconds is the default). The purpose of this attack is to send ICMP packets—typically echo requests—to various hosts in the hopes that at least one replies, thus uncovering an address to target.

Using the default settings, if a remote host sends ICMP traffic to 10 addresses in 0.005 seconds (5000 microseconds), then the device flags this as an address sweepattack andrejects allfurtherICMP packets fromthat host for the remainder of the specified threshold time period.

Address Sweep

2 thoughts on “IP Address Sweeps

Leave a Reply

Your email address will not be published. Required fields are marked *