Smurf Attack


What is a smurf attack?

A smurf attack is a malicious Denial of Service attack that makes a computer network inoperable by targeting vulnerabilities in the Internet Protocol (IP) and the Internet Control Message Protocol (ICMP).

How does a smurf attack work?

Typically, a smurf attack relies on three specific things: the hacker or cyber attacker; the “amplifier”; and the victim.

Smurfing is carried out through the routing process.

In general, a hacker will target the victim’s IP address and then identify an intermediary website, which essentially helps to amplify the attack.

According to Kaspersky Lab, the first step is typically for malware to create a “network packet” that will be attached to a false or “spoofed” IP address.

The packet will contain an ICMP message that asks networks to respond with a reply after receiving the packet.

Finally, the replies that are sent – a process called “echoing” – are returned to the network IP addresses, which essentially creates an infinite loop.

Combined with IP broadcasting, the result of smurfing is a Denial of Service.

What does this mean to me?

Smurf attacks can create a vast amount of computer traffic on your network, and when that happens, your system could be overwhelmed and shut down.

Smurfing attacks can be bundled with other malicious programs that allow hackers to find a backdoor to your computer network.

When hackers gain that access, they may be able to see your private data such as usernames and passwords, or bank account information.

Anything you input or store on your computer could be vulnerable to theft.

These attacks can also cripple servers for hours or days, and for a business, that means lost revenue.

It could also mean the loss of employee or customer data or even intellectual property that you might otherwise want to keep away from outside eyes.

Protect a system from a smurf attack

Preventing a smurf attack may take a more advanced level of protection than perhaps the average computer user can set up.

If possible, rely on a professional, such as your company’s computer systems administrator, to help keep the system safe.

They’ll need to know about individual hosts and routers, which can be set up to ignore external ping requests and broadcasts.

Routers should also be designed to keep packets from being forwarded.

Check with your systems administrator or other IT specialist to ensure hosts and routers do not respond to ICMP echo requests.

Also, ensure that they block directed broadcast traffic entering the network.
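A traffic check a defender could run alongside these settings, as an added example that is not from the original article: it flags echo requests arriving from outside at a subnet's broadcast address (the amplifier side) and hosts receiving echo replies they never asked for (the victim side). The record format, function names, threshold and sample addresses are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

ECHO_REPLY, ECHO_REQUEST = 0, 8  # ICMP type numbers

# Constructed sample records (src, dst, icmp_type), oldest first. Not real
# traffic: all addresses are from the RFC 5737 documentation ranges.
SAMPLE = [
    ("192.0.2.20", "198.51.100.7", ECHO_REQUEST),    # ordinary ping ...
    ("198.51.100.7", "192.0.2.20", ECHO_REPLY),      # ... and its reply
    ("192.0.2.10", "198.51.100.255", ECHO_REQUEST),  # sent to a broadcast address
    ("198.51.100.5", "192.0.2.10", ECHO_REPLY),
    ("198.51.100.6", "192.0.2.10", ECHO_REPLY),
    ("198.51.100.7", "192.0.2.10", ECHO_REPLY),
    ("198.51.100.8", "192.0.2.10", ECHO_REPLY),
]


def directed_broadcast_requests(packets, local_net):
    """Amplifier side: external echo requests aimed at local_net's broadcast address."""
    net = ipaddress.ip_network(local_net)
    hits = []
    for src, dst, icmp_type in packets:
        if (icmp_type == ECHO_REQUEST
                and ipaddress.ip_address(dst) == net.broadcast_address
                and ipaddress.ip_address(src) not in net):
            hits.append((src, dst))
    return hits


def unsolicited_reply_targets(packets, threshold=3):
    """Victim side: hosts that get echo replies from many senders they never pinged.

    threshold is an assumed starting value; tune it to the network's normal traffic.
    """
    asked = set()                 # (requester, target) pairs seen as echo requests
    repliers = defaultdict(set)   # destination -> senders of unmatched replies
    for src, dst, icmp_type in packets:
        if icmp_type == ECHO_REQUEST:
            asked.add((src, dst))
        elif icmp_type == ECHO_REPLY and (dst, src) not in asked:
            repliers[dst].add(src)
    return {host: len(s) for host, s in repliers.items() if len(s) >= threshold}


if __name__ == "__main__":
    print(directed_broadcast_requests(SAMPLE, "198.51.100.0/24"))
    print(unsolicited_reply_targets(SAMPLE))
```

Any hit from the first function on traffic captured inside the network means directed broadcast traffic is still getting past the router.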
