Exam PT0-002 topic 1 question 88 discussion

This one is definitely C. Fraggle. Smurf uses ICMP.

Given that ICMP is disabled on the network segment, the penetration tester could use the following for a denial-of-service attack: C. Fraggle Explanation: • Fraggle Attack: A Fraggle attack is similar to a Smurf attack but uses UDP packets instead of ICMP. In this attack, the attacker sends a large amount of UDP traffic to a broadcast address with the source address spoofed to that of the victim. Since ICMP is disabled, the network devices will not respond to ICMP-based attacks, but they might still process and respond to UDP traffic, making Fraggle a viable option.

In a Fraggle attack, an attacker sends a large number of UDP packets to a network's broadcast address. These packets are usually directed to a specific service port, such as the echo service (port 7) or the Chargen service (port 19). The attack exploits network devices that respond to these packets by sending even larger responses to the victim's IP address, thereby overwhelming the victim's network and causing a denial of service.

If ICMP (Internet Control Message Protocol) is disabled on a network segment, it would mean that ICMP-based attacks, like ping flood (option B) and ping of death (option D), would not be effective. ICMP is used in these attacks, and with it disabled, they wouldn't work on that segment. However, the question asks which of the following could be used for a denial-of-service attack on the network segment where ICMP is disabled. Since options B and D rely on ICMP, and option A (Smurf) also uses ICMP, they wouldn't be applicable here. This leaves: C. Fraggle A Fraggle attack is similar to a Smurf attack but uses UDP (User Datagram Protocol) rather than ICMP. Since the question does not mention anything about UDP being disabled, this would be the best choice from the given options for a denial-of-service attack on the network segment where ICMP is disabled.

Fraggle uses UDP echo requests, not ICMP, therefore it has to be the answer.

All of the listed options are types of denial-of-service attacks, but since ICMP is disabled, only Fraggle and Ping of Death would be ineffective in this scenario. A Smurf attack and Ping flood both rely on sending a large number of ICMP echo requests to a network's broadcast address or to a specific host. These attacks can overwhelm the target's network bandwidth and cause a denial of service. Therefore, the correct answer is A. Smurf

Fraggle is similar to a Smurf attack, with one key difference. Instead of using ICMP Echo Request packets, Fraggle uses UDP Echo Request packets, which can cause even greater disruption than a Smurf attack. Fraggle can be more difficult to detect and mitigate than a traditional Smurf attack. Smurf is a type of Distributed Denial of Service (DDoS) attack. It works by sending a large number of ICMP echo request packets from multiple sources to the broadcast address of a remote subnetwork. This floods the network with traffic which can overwhelm the target and cause a denial of service.

C. Fraggle" is a DoS attack that uses User Datagram Protocol (UDP) packets instead of ICMP packets. So if ICMP is disabled on the network segment, an attacker could potentially use a Fraggle attack to flood the network with UDP packets and overwhelm the target network's ability to respond to legitimate requests.

aaaaaaaaaaa

Fraggle does not use ICMP

Fraggle doesn't use icmp

Only C does not contain ICMP protocol A Fraggle Attack is a denial-of-service (DoS) attack that involves sending a large amount of spoofed UDP traffic to a router’s broadcast address within a network. It is very similar to a Smurf Attack, which uses spoofed ICMP traffic rather than UDP traffic to achieve the same goal. Given those routers (as of 1999) no longer forward packets directed at their broadcast addresses, most networks are now immune to Fraggle (and Smurf) attacks.