Network Bandwidth Attacks

A typical network bandwidth attack involves the echo and chargen (character generator) services. Echo replies with the input it was given, and chargen sends an endless stream of characters to any client. You typically use these two applications to diagnose network problems and to get an estimate of the available bandwidth between two points. However, an attacker might spoof a packet originating from the chargen port of the system with that service running, and send it to the echo service from the broadcast address. If this were to happen, you would have several systems exchanging packets between the echo port and the chargen port.

To mitigate network bandwidth attacks, validate each request from a user before you send an error response.

Copyright © 2005 Microsoft Corporation.
All rights reserved.