Twinge attack explained

In Internet-based computer networking, a Twinge attack is a flood of false ICMP packets sent in an attempt to cripple a system.[1]

The attack is spoofed, that is, random fake Internet source addresses are used in the ICMP packets. This makes identification of the source of the malicious packets difficult. The idea of the attack is to either degrade the performance of the attacked computer or make it crash. The attacking program is called Twinge, but the ICMP packets have a particular signature which gives the identity away.

As long as the computer is safely behind a router or a firewall, there is nothing to worry about with this attack.[1] The adversary's intent is to prevent the system from operating normally, i.e. a denial of service.[2] Configuring upstream network devices (including firewalls and routers) to ignore ICMP packets from the public Internet will almost certainly prevent the attack from succeeding.[1]
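The two traits described above, a high ICMP rate toward one host and randomly spoofed sources, can be turned into a simple detection heuristic. The following is an added example, not code from the cited sources: the record format, thresholds and sample traffic are assumptions, and it does not reproduce the Twinge-specific packet signature, which this page does not give.

```python
from collections import defaultdict, deque
import random

WINDOW_S = 1.0        # assumed sliding-window length in seconds
MIN_PACKETS = 200     # assumed ICMP packets per window that count as a flood
MIN_SRC_RATIO = 0.9   # assumed share of distinct sources that suggests random spoofing


def detect_spoofed_icmp_flood(packets, window=WINDOW_S,
                              min_packets=MIN_PACKETS, min_ratio=MIN_SRC_RATIO):
    """packets: (timestamp, src_ip, dst_ip, proto) tuples sorted by time.
    Returns {dst_ip: timestamp at which the heuristic first fired}."""
    recent = defaultdict(deque)                          # dst -> (ts, src) in window
    src_counts = defaultdict(lambda: defaultdict(int))   # dst -> src -> packets in window
    alerts = {}
    for ts, src, dst, proto in packets:
        if proto != "icmp":
            continue
        q, counts = recent[dst], src_counts[dst]
        q.append((ts, src))
        counts[src] += 1
        # Expire packets that have fallen out of the sliding window.
        while q and ts - q[0][0] > window:
            _, old = q.popleft()
            counts[old] -= 1
            if counts[old] == 0:
                del counts[old]
        # Flood rate AND almost every packet from a different source address.
        if (dst not in alerts and len(q) >= min_packets
                and len(counts) / len(q) >= min_ratio):
            alerts[dst] = ts
    return alerts


def constructed_sample():
    """Constructed traffic (not a capture): one busy pinger, one spoofed flood, TCP noise."""
    rng = random.Random(1)
    # High-rate ICMP from a single monitoring host: fast, but only one source.
    pkts = [(i * 0.002, "198.51.100.7", "192.0.2.10", "icmp") for i in range(1000)]
    # 1000 ICMP packets in one second, each from a random source address.
    for i in range(1000):
        src = ".".join(str(rng.randint(1, 254)) for _ in range(4))
        pkts.append((5.0 + i * 0.001, src, "192.0.2.20", "icmp"))
    # Non-ICMP traffic toward the same victim must be ignored by the detector.
    pkts += [(5.0 + i * 0.001, "203.0.113.5", "192.0.2.20", "tcp") for i in range(300)]
    return sorted(pkts, key=lambda p: p[0])
```

Requiring both conditions keeps a single fast pinger (high rate, one source) and scattered low-rate pings (many sources, low rate) from raising an alert.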

Notes and References

  1. Jacobs, Stuart (2015-12-01). Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance. John Wiley & Sons. ISBN 978-1-119-10471-1.
  2. "Twinge_Attack X-Force Signature". exchange.xforce.ibmcloud.com. 2022-04-10.