From charlesreid1

About Smurf Attack

The smurf attack leverages the power of numbers, without needing to control a large number of machines. Normally, when you send a computer a ping packet, the computer will respond with an ICMP echo packet. This is the packet equivalent of the client saying "Hi, are you there?" and the server saying "Hi, I'm here." But this can also be abused by crafting packets that look like they came from a sheep machine, saying "Hi, are you there?" By crafting a huge number of these packets and blasting them to every computer on a network, it generates an enormous number of replies saying "Hi, I'm here," all of which will hammer the sheep machine.

This is an older attack, and many networks make themselves immune to participating in smurf attacks (meaning, the crafted packets are dropped by the network router, preventing them from reaching machines on the network that would otherwise respond to such packets). However, this does not provide protection from being a target of a smurf attack.

A Smurf amplifier is a computer network that lends itself to being used in a Smurf attack. Smurf amplifiers act to worsen the severity of a Smurf attack because they are configured in such a way that they generate a large number of ICMP replies to the victim at the spoofed source IP address.


Related Pages