Denial-of-service (DoS) attacks are a popular way to cause targeted service disruptions, typically for extended periods of time. The relative ease and low cost of launching such attacks, aided by a serious lack of any viable defense mechanisms, have made them one of the most common threats on the Internet. In the past, Internet Control Message Protocol (ICMP)-based DoS attacks have used multiple hosts infected with botnets to launch an overwhelming distributed DoS (DDoS) attack to take down major Web servers or perimeter firewalls.
Now, researchers have discovered a new attack technique, called “Black Nurse,” that enables a single computer to generate 15 Mbps of bandwidth traffic and take down major network firewalls. This technique launches low-volume DoS attacks by sending specially formatted ICMP packets that overwhelm the processors on targeted firewalls, shutting them down. This white paper takes a detailed look at how Juniper Networks® SRX Series Services Gateways, as well as firewalls from other industry leaders, recently performed while under a Black Nurse DoS cyberattack.