Smurf Attack

Reading time: 10 minutes

smurf1

Smurf Attack is a type of DDoS Attack, which floods the system with the spoofed ping messages. The attack has an amplification vector that increases the damage by exploiting the characteristics of the broadcast network. The attack swamps the internet with the replies to ICMP echo requests. The attack creates a high computer network traffic on the targeted network, which often renders it unresponsive.

Procedure For The Attack

  1. In this attack, first, the hacker sent a huge number of traffic on the targeted victim IP Address.
  2. Then the hacker spoofs the source destination IP address.
  3. After this, the host on the victims' network responds to the ICMP requests which create a significant amount of traffic on the victim network.
  4. Finally, the attack leads to the consumption of the bandwidth which ultimately crashes the victim server.

Image For Understanding The Attack

smurf2

Mitigation For The Attack

To mitigate this attack:

  • individual routers and host can be configured to be non-responsive to the external ping requests or broadcasts.
  • Routers can also be configured to ensure that the packets directed to the broadcast addresses are not forwarded.
  • Reconfigure the firewall to disallow the pings originating from the external network.

MCQ Round

Question 1

What type of attack is a Smurf Attack

MitM
Spoofing
DDoS
Smudge

Question 2

The attack has which vector which increases the damage?

Default
Amplification
Non Discoverable
Invisible