Smurf IP Denial of Service Attack (DDOS)



The "smurf" attack, named after its exploit program, is one of the most recent in the category of network-level attacks against hosts. A perpetrator sends a large amount of ICMP echo (ping) traffic at IP broadcast addresses, all of it having a spoofed source address of a victim. If the routing device delivering traffic to those broadcast addresses performs the IP broadcast to layer 2 broadcast function noted below, most hosts on that IP network will take the ICMP echo request and reply to it with an echo reply each, multiplying the traffic by the number of hosts responding. On a multi-access broadcast network, there could potentially be hundreds of machines to reply to each packet. The "smurf" attack's cousin is called "fraggle", which uses UDP echo packets in the same fashion as the ICMP echo packets; it was a simple re-write of "smurf".
  • understand how DDoS attacks are orchestrated
  • recognize programs used to facilitate DDoS attacks
  • apply measures to prevent the attacks
  • gather forensic information if you suspect an attack
  • learn more about host security
Source:
http://www.infosyssec.org/infosyssec/security/secdos1.htm

0 yorum: