| Smurf Attack |
Article Index for Smurf |
Website Links For Attack |
Information AboutSmurf Attack |
| CATEGORIES ABOUT SMURF ATTACK | |
| denial-of-service attacks | |
|
The smurf attack, named after its exploit program, is a Denial-of-service Attack that uses Spoofed broadcast Ping messages to flood a target system. In such an attack, a perpetrator sends a large amount of ICMP echo (ping) traffic to IP broadcast addresses, all of it having a spoofed source address of the intended victim. If the routing device delivering traffic to those broadcast addresses performs the IP broadcast to layer 2 broadcast function, most hosts on that IP network will take the ICMP echo request and reply to it with an echo reply, multiplying the traffic by the number of hosts responding. On a multi-access broadcast network, hundreds of machines might reply to each packet.
As an example as to how simply a network could be secured to prevent the network from "attacking" other networks, issuing the router command to a network with a Cisco router no ip directed-broadcast(Please note that this example does not prevent a network from becoming the target of smurf attack; it merely prevents the network from "attacking" other networks, or better said, taking part in a smurf attack.) A smurf amplifier is a computer network that lends itself to being used in a Smurf Denial Of Service attack. Smurf amplifiers act to amplify (worsen the severity of) a smurf attack because they are configured in such a way that they generate a large number of ICMP replies to a spoofed source IP address (the victim of the attack). REFERENCES SEE ALSO EXTERNAL LINKS
|
|
|