What is Smurf Attack ?
The Smurf Attack is a Denial of Service or DoS Attack, which is commonly perpetrated and can turn down a system completely.
In Smurf Attack, an attacker creates lots of ICMP packets with the intended victim's IP address as source IP and broadcasts those packets in a computer network using an IP Broadcast address.
As a result, most devices of the network respond by sending reply to the victim's IP address. If the number of devices in the network is very large, and most of the devices send reply, the victim's machine floods with network traffic. This can slow down the victim's computer, to such extent that it will become impossible to work on it, resulting in a Denial of Service Attack.
How to prevent Smurf Attack ?
There are mainly three ways this problem can be handled :
- You can configure individual hosts and routers in the network not to respond to ICMP requests or broadcasts.
- You can configure routers not to forward packets directed to broadcast addresses.
- And the third solution is, ingress filtering, that is, block the packets in the network which come from outside the network and have a source address which belongs to the network.
A Fraggle Attack is also a variation of the Smurf Attack. In this attack, the attacker sends a large number of UDP packets to port 7 (echo) and 19 (Chargen or Charachter Generator) to an IP Broadcast address with the intended victim's IP address as source IP address. And the result is very similar to the Smurf Attack.
So, beware of various cyber attacks so that you can safeguard your system in a better way and stay safe, stay protected.
What are Ping Flood and Ping of Death ?
What are DoS and DDoS Attacks and how to prevent them ?
What is Deep Packet Inspection ?
What is Next Generation Firewall ?
What is an Intrusion Detection System and how does it work ?
What is Honeypot ?
How to install Snort IDS on Linux ?
Detect Sudden Increase In Your Network Traffic : The First Step Towards Preventing Attack In Your System
Analyze Your Network Traffic By Source IP Address : The Network Analyzer Version 2