What is a smurf attack?
A smurf attack is a malicious Denial of Service attack that makes a computer network inoperable by targeting the vulnerabilities of the Internet Protocol (IP) and the Internet Control Message Protocol (ICMP).
How does a smurf attack work?
Typically, a smurf attack relies on three specific things: the hacker or cyber attacker; the “amplifier”; and the victim.
Smurfing is carried out through the routing process.
In general, a hacker will target the victim’s IP address and then identify an intermediary website, which essentially helps to amplify the attack.
The packet the hacker sends will contain an ICMP message that asks networks to respond with a reply after receiving the packet.
Finally, the replies that are sent – a process called “echoing” – are returned to the network IP addresses, which essentially creates an infinite loop.
Combined with IP broadcasting, the result is a Denial of Service.
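The two traffic patterns described above can be looked for in packet records. The following is an added example, not code from the original page: the record format, the local subnet, the threshold and all addresses are constructed assumptions.

```python
"""Flag the two ICMP patterns a smurf attack produces, given packet records."""
import ipaddress
from collections import defaultdict

# Assumption: the defender's own subnets (documentation address range).
LOCAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]
ECHO_REQUEST, ECHO_REPLY = 8, 0  # ICMP type numbers

# Constructed sample records: (source IP, destination IP, ICMP type).
SAMPLE = [
    ("198.51.100.7", "192.0.2.255", 8),  # echo request to our broadcast address
    ("192.0.2.10", "203.0.113.5", 8),    # ordinary outbound ping
    ("203.0.113.5", "192.0.2.10", 0),    # the reply that ping asked for
] + [("203.0.113.%d" % i, "192.0.2.20", 0) for i in range(10, 40)]  # unrequested replies


def is_local_broadcast(addr):
    """True if addr is the broadcast address of one of our subnets."""
    ip = ipaddress.ip_address(addr)
    return any(ip == net.broadcast_address for net in LOCAL_NETS)


def analyze(records, min_sources=20):
    """Return broadcast-directed echo requests and hosts flooded by echo replies.

    Records must be in time order. The source field is only the claimed
    sender; in a smurf attack it is forged to be the victim's address.
    """
    pinged = set()                  # (requester, target) pairs seen as echo requests
    unsolicited = defaultdict(set)  # destination -> sources of replies it never asked for
    broadcast_requests = []
    for src, dst, icmp_type in records:
        if icmp_type == ECHO_REQUEST:
            pinged.add((src, dst))
            if is_local_broadcast(dst):
                # Our network is being asked to act as the amplifier.
                broadcast_requests.append((src, dst))
        elif icmp_type == ECHO_REPLY and (dst, src) not in pinged:
            unsolicited[dst].add(src)
    # A host receiving unrequested replies from many senders looks like a victim.
    flooded = {dst: len(srcs) for dst, srcs in unsolicited.items()
               if len(srcs) >= min_sources}
    return {"broadcast_requests": broadcast_requests, "flooded_hosts": flooded}


if __name__ == "__main__":
    print(analyze(SAMPLE))
```
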
What does this mean to me?
Smurf attacks can create a vast amount of computer traffic on your network, and when that happens, your system could be overwhelmed and shut down.
When hackers gain that access, they may be able to see your private data such as usernames and passwords, or bank account information.
Anything you input or store on your computer could be vulnerable to theft.
These attacks can also cripple servers for hours or days, and for a business, that means lost revenue.
It could also mean the loss of employee or customer data or even intellectual property that you might otherwise want to keep away from outside eyes.
Protect a system from a smurf attack
Preventing a smurf attack may take a more advanced level of protection than perhaps the average computer user can set up.
If possible, rely on a professional, such as your company’s computer systems administrator, to help keep the system safe.
They’ll need to know about individual hosts and routers, which can be set up to ignore external ping requests and broadcasts.
Routers should also be configured to keep those broadcast packets from being forwarded.
Check with your systems administrator or other IT specialist to ensure hosts and routers do not respond to ICMP echo requests.
Also, ensure that they block directed broadcast traffic entering the network.