Denial of Service Attacks (6)

• Smurf Attack

  • summer 1997 (smurf tool)
  • smurf sends spoofed ICMP echo request (ping) to a broadcast address on a victim’s network
  • the victim’s (spoofed) machine gets too many responses, consuming all available bandwidth
  • attack based on spoofing source IP address

• Smurf Attack defense

  • filter out ICMP messages on a router
  • router configuration option : “no IP directed broadcast” (cisco)

Previous slide

Next slide

Back to first slide

View graphic version