A smurf attack is a kind of attack where attacker generates an uncontrolled amount of traffic into victims network. A smurf attack is mainly targeting networks where routers are configured in a way to respond to ping packets. By pinging the broadcast address of victim network, attacker ensures a huge amount of packet flow from hosts connected to the network by responding to the ping request. Let us check the procedure to conduct a Smurf attack.
We can prevent Smurf attack by carefully designing our networks. Important points to remember while configuring a network to prevent Smurf attack are listed below.
1. Denial of Service (DOS) attacks Tutorial
2. netstat - a command line tool
Technology Blog
Smurf attack Procedure
- Spoof the IP address of attacker to avoid detection
- Find the broadcast address of the victim network
- Send huge amount of ICMP request to the broadcast address of the victim network(Directed Broadcast Address).
- The ICMP request reaches the gateway of the victim network.
- Each host on the victim network responds to the ICMP request. This process amplifying the ping requests send by the attacker.
- Ping response from hosts creates an uncontrollable amount of traffic in victim's network.
- It will consume the useful bandwidth of the server. It is enough to down the server for a limited period of time
How to prevent smurf attack
We can prevent Smurf attack by carefully designing our networks. Important points to remember while configuring a network to prevent Smurf attack are listed below.
- Configure individual hosts and routers to not respond ping requests and broadcasts
- Configure routers not to forward packets directed to broadcast addresses.
Related Topics
1. Denial of Service (DOS) attacks Tutorial
2. netstat - a command line tool
Technology Blog
Can you tell step by step instructions to conduct smurf attack
ReplyDelete