This web page documents our datasets related to ICMP Rate Limiting. Rate Limiting is a facility provided in all routers to allow network administrators to control access to their networks. In most routers, rate limiting can be configured in several ways. Administrators may do traffic policing, limiting inbound ICMP (or TCP or UDP) to prevent Denial-of-Service (DoS) attacks against internal networks. Routers also often rate- limit generate of ICMP error messages (ICMP types 3 and 11, called here ICMP NACKs) to prevent use of the router to attack others (an attacker generate a stream ICMP NACK-generating traffic, spoofing a victim’s address to amplify the attack’s effects)
Our first tech report [1] describes methods we developed for detecting ICMP rate limiting and discusses ICMP rate limitings found in real-world.
We list all datatasets used in the tech report below (and in Table 1 of the paper). Datasets are available upon request.
Datasets:
See address_surveys/format.html for Data format for Internet Census and Survey datasets.
For data listed above, see our datasets request page for details about how to get these datasets.