What is Smurf Attack & How to Prevent it

Published by: Alex George on March 01, 2009
A smurf attack is a kind of attack where attacker generates an uncontrolled amount of traffic into victims network. A smurf attack is mainly targeting networks where routers are configured in a way to respond to ping packets. By pinging the broadcast address of victim network, attacker ensures a huge amount of packet flow from hosts connected to the network by responding to the ping request. Let us check the procedure to conduct a Smurf attack.

Smurf attack Procedure


  1. Spoof the IP address of attacker to avoid detection

  2. Find the broadcast address of the victim network

  3. Send huge amount of ICMP request to the broadcast address of the victim network(Directed Broadcast Address).

  4. The ICMP request reaches the gateway of the victim network.

  5. Each host on the victim network responds to the ICMP request. This process amplifying the ping requests send by the attacker.

  6. Ping response from hosts creates an uncontrollable amount of traffic in victim's network.

  7. It will consume the useful bandwidth of the server. It is enough to down the server for a limited period of time


How to prevent smurf attack

We can prevent Smurf attack by carefully designing our networks. Important points to remember while configuring a network to prevent Smurf attack are listed below.

  1. Configure individual hosts and routers to not respond ping requests and broadcasts

  2. Configure routers not to forward packets directed to broadcast addresses.


Related Topics

1. Denial of Service (DOS) attacks Tutorial

2. netstat - a command line tool


Technology Blog

1 comment:

  1. Anonymous4:33 PM

    Can you tell step by step instructions to conduct smurf attack

    ReplyDelete

Newer Post Older Post Home