Home > CAPEC List > CAPEC-590: IP Address Blocking (Version 2.10)  

CAPEC-590: IP Address Blocking

 
IP Address Blocking
Definition in a New Window Definition in a New Window
Attack Pattern ID: 590
Abstraction: Detailed
Status: Draft
Completeness: Stub
Presentation Filter:
+ Summary

An adversary performing this type of attack drops packets destined for a target IP address. The aim is to prevent access to the service hosted at the target IP address.

+ Attack Prerequisites
  • This attack requires the ability to conduct deep packet inspection with an In-Path device that can drop the targeted traffic and/or connection.

+ Typical Severity

High

+ Typical Likelihood of Exploit

Likelihood: Low

+ Examples-Instances

Description

Consider situations of information censorship for political purposes, where regimes that prevent access to specific web services.

+ Solutions and Mitigations

Have a large pool of backup IPs built into the application and support proxy capability in the application.

+ Attack Motivation-Consequences
ScopeTechnical ImpactNote
Availability
Other
Blocking packets intended for a target IP address denies its availability to the user.
+ References
[R.17.1] [REF-2] Abdelberi Chaabane, Terence Chen, Mathieu Cunche, Emiliano De Cristofaro, Arik Friedman and Mohamed Ali Kaafar. "Censorship in the Wild: Analyzing Internet Filtering in Syria". IMC 2014. February 2014.
+ Content History
Submissions
SubmitterDateSource
Seamus Tuohy2017-01-12External_Submission

More information is available — Please select a different filter.
Page Last Updated or Reviewed: May 01, 2017