Smurf attack

di Monday, February 02, 2009

The Smurf attack is a way of generating a lot of computer network traffic to a victim host. This is a type of denial-of-service attack that floods a target system via spoofed broadcast ping messages.

In such an attack, a perpetrator sends a large amount of ICMP echo request (ping) traffic to IP broadcast addresses, all of which have a spoofed source IP address of the intended victim. If the routing device delivering traffic to those broadcast addresses delivers the IP broadcast to all hosts (for example via a layer 2 broadcast), most hosts on that IP network will take the ICMP echo request and reply to it with an echo reply, multiplying the traffic by the number of hosts responding. On a multi-access broadcast network, hundreds of machines might reply to each packet

In the late 1990s, many IP networks would participate in Smurf attacks (that is, they would respond to pings to broadcast addresses). Today, thanks largely to the ease with which administrators can make a network immune to this abuse, very few networks remain vulnerable to Smurf attacks.

The fix is two-fold:
Configure individual hosts and routers not to respond to ping requests or broadcasts.
Configure routers not to forward packets directed to broadcast addresses. Until 1999, standards required routers to forward such packets by default, but in that year, the standard was changed to require the default to be not to forward.

Another proposed solution, to fix this as well as other problems, is network ingress filtering which rejects the attacking packets on the basis of the forged source address.

An example of configuring a router not to forward packets to broadcast addresses, for a Cisco router, is:


no ip directed-broadcast


(Note that this example does not prevent a network from becoming the target of Smurf attack; it merely prevents the network from "attacking" other networks, or better said, taking part in a Smurf attack.)

A Smurf amplifier is a computer network that lends itself to being used in a Smurf attack. Smurf amplifiers act to amplify (worsen the severity of) a Smurf attack because they are configured in such a way that they generate a large number of ICMP replies to a spoofed source IP address (the victim of the attack).





Check ketersediaan nama kamu sebagai nama domain!!


Related Posts by Categories



Bookmark and Share

category :

0 komentar:

Post a Comment

Subscribe to: Post Comments (Atom)

Others

Links Galery Other
Maj'sBlog
get the code

Red Carpet : BolaSinema
Rohman Sudiro
TopicKhamsionk
Iyandri
David
Deskapahendri
HackTheSlack
MyCuteLingeries
Ngadsens
Frizzy
omSanjaya
marcel
pinginbelajar
jepangsong
thobingsunarya
ripmaggots
rumahislami
neocomp4
arwi-cigo
nearie.web.id
aveef
sakurasays
You ??
www.flickr.com
This is a Flickr badge showing public photos and videos from majendra. Make your own badge here.