What is Smurf Attack & How to Prevent it

Smurf attack is a kind of attack where attacker generates uncontrolled amount of traffic in to victims network. Smurf attack is mainly targeting networks where routers are configured in a way to respond to ping packets. By pinging the broadcast address of victim network, attacker ensure a huge amount of packet flow from hosts connected to the network by responding to the ping request. Let us check the procedure to conduct Smurf attack.

Smurf attack Procedure

  1. Spoof the IP address of attacker to avoid detection

  2. Find the broadcast address of the victim network

  3. Send huge amount of ICMP request to the broadcast address of the victim network(Directed Broadcast Address).

  4. The ICMP request reach the gateway of the victim network.

  5. Each hosts on the victim network responds to the ICMP request. This process amplifying the ping requests send by the attacker.

  6. Ping response from hosts create uncontrollable amount of traffic in victim's network.

  7. It will consume the useful bandwidth of the server. It is enough to down the server for a limited period of time

How to prevent smurf attack

We can prevent Smurf attack by carefully designing our networks. Important points to remember while configuring a network to prevent Smurf attack are listed below.

  1. Configure individual hosts and routers to not respond ping requests and broadcasts

  2. Configure routers not to forward packets directed to broadcast addresses.

Related Topics

1. Denial of Service (DOS) attacks Tutorial

2. netstat - a command line tool

Technology Blog

1 comment:

Anonymous said...

Can you tell step by step instructions to conduct smurf attack