Basic HTML version of Foils prepared May 19 99

Foil 16 Denial of Service Attacks (6)

From Computer Crimes: Examples of Network Security attacks Tango Group Internal Technology Seminars -- April 23 99. by Roman Markowski
Smurf Attack
  • summer 1997 (smurf tool)- http://www.rootshell.com
  • smurf sends many spoofed ICMP echo request (ping) to a broadcast address on a victim's network
  • the victim's (spoofed) machine gets too many responses from every host on the network, consuming all available bandwidth
  • attack based on spoofing source IP address
  • papasmurf - an improved, optimized version of smurf; UDP based;
Defense
  • filter out ICMP messages on a router; this can harm your ability to monitor the network
  • router configuration option : "no IP directed-broadcast" (cisco)

© Northeast Parallel Architectures Center, Syracuse University, npac@npac.syr.edu

If you have any comments about this server, send e-mail to webmaster@npac.syr.edu.

Page produced by wwwfoil on Mon Aug 16 1999