Broadcast radiation

Broadcast radiation

Broadcast radiation is the accumulation of broadcast and multicast traffic on a computer network. Extreme amounts of broadcast traffic constitute a broadcast storm. A broadcast storm can consume sufficient network resources so as to render the network unable to transport normal traffic.

Causes

Most commonly the cause is a redundant switched topology where a loop exists in the Ethernet wiring topology (i.e. two or more links exist between switches). As broadcasts and multicasts are forwarded by switches out every port, the two switches will broadcast each other's broadcasts - creating a switching loop.

In some cases, a broadcast storm can be instigated for the purpose of a denial of service (DOS) using one of the packet amplification attacks, such as the smurf attack or fraggle attack, where smurf sends a large amount of ICMP Echo Requests (ping) traffic to a broadcast address, with each ICMP Echo packet containing the spoof source address of the victim host. [ [http://pintday.org/whitepapers/dos-smurf.shtml pintday.org: Magnification Attacks: Smurf and Fraggle ] ]

When the spoofed packet arrives at the destination network, all hosts on the network reply to the spoofed address. The initial Echo Request is multiplied by the number of hosts on the network. This generates a storm of replies to the victim host tying up network bandwidth, using up CPU resources or possibly crashing the victim.

In wireless networks a disassociation packet spoofed with the source to that of the wireless access point and sent to the broadcast address can generate a disassociation broadcast DOS attack.

Prevention

*Switching loops are largely addressed with spanning tree protocol. In Metro Ethernet rings it is prevented using the Ethernet Automatic Protection System (EAPS) protocol.

*Filtering broadcasts by Layer 3 equipment, typically routers (and even switches that employ advanced filtering called brouters).

*Physically segmenting the broadcast domains using routers (or logically with VLANs) at Layer 3 in the same fashion switches decrease the size of collision domains at Layer 2.

*Routers and firewalls can be configured to detect and prevent maliciously inducted broadcast storms with the magnification attacks.

Misinterpretations

#A common misinterpretation is that routing loops have anything to do with broadcast storms. Working at Layer 3, routers (unlike Layer 2 equipment) do not forward MAC-level broadcast traffic.
#Another misinterpretation is that routers cannot forward broadcasts under special circumstances. Some routable protocols support the use of internetwork-level broadcasts. If the router is configured to forward them, the broadcast domain segmentation is compromised.
#Most commonly it is believed that only routers can impact the broadcast domain or filter broadcasts. As we have seen, switches can blur the layer line (e.g. with VLANs) and can do filtering (they still need a router for forwarding however).
#A misinterpretation is that a broadcast can be responded to with a broadcast. This is not true. A broadcast can, however, be issued to gather information needed to respond to an initially received broadcast. In a redundant looped topology this second broadcast can reach the interface that sent the initial broadcast.

MANET broadcast storms

In a mobile ad-hoc network (MANET), route request (RREQ) packets are usually broadcast to discover new routes. These RREQ packets may cause broadcast storms and compete over the channel with data packets.One approach to alleviate the broadcast storm problem is to inhibit some hosts from rebroadcasting to reduce the redundancy, and thus contention and collision.

References

#Appendix E: Broadcasts in Switched LAN Internetworks [http://www.cisco.com/univercd/cc/td/doc/cisintwk/idg4/nd20e.htm] PDFlink| [http://www.cisco.com/en/US/docs/internetworking/design/guide/nd20e.pdf]
#Defense Against the DoS/DDoS Attacks on Cisco Routers [http://www.securitydocs.com/library/2553] PDFlink| [http://www.securitydocs.com/pdf/2553.PDF] |56.2 KiB
#Disassociation Broadcast Attack Using ESSID Jack [http://manageengine.adventnet.com/products/wifi-manager/disassociation-broadcast-attack.html]
#The Broadcast Storm Problem in a Mobile Ad Hoc Network PDFlink| [http://www.cs.berkeley.edu/~culler/cs294-f03/papers/bcast-storm.pdf] |1.12 MiB


Wikimedia Foundation. 2010.

Игры ⚽ Нужно решить контрольную?

Look at other dictionaries:

  • Broadcast license — A broadcast license is a specific type of spectrum licence that grants the licensee the privilege to use a portion of the radio frequency spectrum in a given geographical area for broadcasting purposes.Licensing is typically performed by… …   Wikipedia

  • radiation — Synonyms and related words: X ray, actinic ray, actinism, arc lighting, asteroids, atomic beam, atomic ray, attenuation, aurora particles, beam, beam of light, black and white, blackout, broadcast, broadcasting, chiaroscuro, circumfusion,… …   Moby Thesaurus

  • broadcast — Synonyms and related words: accessible, advertise, advertisement, affirmed, air, airing, announce, announced, announcement, annunciate, attenuation, bandying, beam, bed, bestrew, blazon, book, broadcasting, brought to notice, bruit about,… …   Moby Thesaurus

  • radiation — I (New American Roget s College Thesaurus) n. dispersion, diffusion, emission, emanation; radiance, illumination. See light. II (Roget s IV) n. 1. [Dissemination] Syn. propagation, dissipation, divarication, polarization, scattering, spread,… …   English dictionary for students

  • List of radiation topics — *absorbed dose *equivalent dose *hormesis *Louis Harold Gray (British physicist) *rad (unit) *radar *radar astronomy *radar cross section *radar detector *radar gun *radar jamming *(radar reflector) corner reflector *radar warning receiver… …   Wikipedia

  • FM broadcast band — The FM broadcast band, used for FM broadcast radio by radio stations, differs between different parts of the world. In Europe and Africa (ITU region 1), it spans from 87.5 to 108.0 megahertz (MHz), while in America (ITU region 2) it goes only… …   Wikipedia

  • Broadcasting (computing) — Not to be confused with Broadcasting. In telecommunication and information theory, broadcasting refers to a method of transferring a message to all recipients simultaneously. Broadcasting can be performed as a high level operation in a program,… …   Wikipedia

  • Transmitter — For biologic transmitters, see transmitter substance. Commercial FM broadcasting transmitter at radio station WDET FM, Wayne State University, Detroit, USA. It broadcasts at 101.9 MHz with a radiated power of 48 kW. In electronics and… …   Wikipedia

  • Ethernet — An 8P8C modular connector (often called RJ45) commonly used on cat 5 cables in Ethernet networks Ethernet   …   Wikipedia

  • Switching loop — Switching loops occur when there is more than one path between two switches in a computer network.A physical topology that contains switching or bridging loops is necessary for reliability, yet a switched network cannot have loops. The solution… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”