The process of smurf attack is as follows.
1. Send huge amount of ICMP request to the broadcast address of the victim network(Directed Broadcast Address).
2. Source IP of the attacker must be spoofed.
3. The ICMP request reach the gateway of the victim network.
4. Each host on the victim network will respond to the ICMP request (Amplifying the ping requests)
5. It creates uncontrollable amount of traffic from victim's network.
6. It will consume the useful bandwidth and the server will be down in few minutes.
How to prevent smurf attack
1. Configure individual hosts and routers not to respond to ping requests or broadcasts.
2. Configure routers not to forward packets directed to broadcast addresses.
1. Denial of Service (DOS) attacks - tutorial
2. netstat - a command line tool
New CCNA Tutorials