Smurf Attack Explained

Smurf Attack

A Smurf attack is a denial-of-service (DoS) attack from the ’90s built on ping (ICMP echo request) packets. At the time, it was known as one of the worst methods of DoS attack the internet had seen. In a Smurf attack, the attacker forges the target’s IP address as the source of a large number of ICMP packets and sends them to a computer network’s IP broadcast address. This turns the network into what is known as a Smurf amplifier: every host that answers the broadcast sends its ICMP reply to the spoofed address, so the target is hit with a multiplied flood of replies. The larger the amplifying network, the more severe the attack becomes. The flood quickly consumes the network’s bandwidth and impedes the transmission of legitimate packets. Basically, it shuts the network down.

Don’t let Smurf attacks make you blue, however! Thanks to modern network configuration standards, most networks today are immune to Smurf attacks, and you can easily configure your own network to be just as safe. Protect yourself by configuring vulnerable computers and routers to ignore ICMP requests or broadcasts, and by setting routers not to forward packets directed to broadcast addresses. The standards were changed to call for these settings in 1999. Network ingress filtering is another fix: it rejects the spoofed packets once it detects the forged source address.

A Smurf Amplifier Registry also exists to help network service providers identify misconfigured networks to further prevent avoidable Smurf attack woes.

Similar to the Smurf attack, the Fraggle attack uses the same technique but with UDP packets instead of ICMP packets.
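The two router-side defenses described above (refusing to forward packets directed to a broadcast address, and ingress filtering of forged source addresses) can be modelled as a single packet verdict function. This is an added example, not code from the original article; the interface names, prefixes and sample packets are constructed, using documentation address ranges.

```python
import ipaddress
from collections import Counter

# Constructed topology: LAN interface name -> directly attached prefix.
INTERFACES = {
    "lan0": ipaddress.ip_network("192.0.2.0/24"),
    "lan1": ipaddress.ip_network("198.51.100.0/25"),
}
UPLINK = "wan0"  # hypothetical upstream interface; any source may arrive here


def verdict(in_if, src, dst):
    """Return (action, reason) for a packet arriving on interface in_if."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)

    # Ingress filtering: a packet entering from an attached LAN must carry a
    # source address inside that LAN's prefix, otherwise the source is forged.
    if in_if != UPLINK and src not in INTERFACES[in_if]:
        return "drop", "spoofed-source"

    # Directed broadcast: never forward a packet addressed to the broadcast
    # address of an attached subnet when it arrived from somewhere else.
    # The rule ignores the protocol, so it covers ICMP (Smurf) and UDP (Fraggle).
    for name, net in INTERFACES.items():
        if dst == net.broadcast_address and in_if != name:
            return "drop", "directed-broadcast"

    return "forward", "ok"


# Constructed sample packets: (in_if, src, dst, proto)
SAMPLE = [
    ("wan0", "203.0.113.7", "192.0.2.255", "icmp"),     # broadcast via uplink
    ("wan0", "203.0.113.7", "198.51.100.127", "udp"),   # same, UDP variant
    ("lan0", "203.0.113.7", "198.51.100.127", "icmp"),  # forged source on lan0
    ("lan0", "192.0.2.10", "198.51.100.20", "icmp"),    # ordinary ping
    ("wan0", "203.0.113.7", "192.0.2.10", "icmp"),      # ordinary unicast
]


def summarize(packets):
    """Count verdict reasons over a list of packet tuples."""
    return Counter(verdict(i, s, d)[1] for i, s, d, _proto in packets)


if __name__ == "__main__":
    for pkt in SAMPLE:
        print(pkt, "->", verdict(*pkt[:3]))
    print(dict(summarize(SAMPLE)))
```

Note that the /25 subnet's broadcast address is 198.51.100.127, not .255, which is why the check derives it from the prefix instead of matching on the last octet.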

Source: http://www.ddosprotection.net
