[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Smurf

I think that you either don't understand smurf attacks or I am totally
misunderstanding what you are trying to ask.

"Smurf attacks" are not any sort of break-in attempt. They are a flood of
responses to forged ICMP Echo Request (PING) packets. You cannot firewall
off incoming DoS attacks as an end-user. (They are hitting your firewall,
creating the same bottleneck in traffic as they would if the attack got
through to internal machines)

You can prevent your internal users from launching smurf attacks from your
network, by dropping forged packets at any of your gateways. (Preferably
the closest gateway to the user).

Hope that helps,


On Thu, 18 Apr 2002, Richard Ibbotson wrote:

> Hi
> I've had a good look round the net and at several books about
> iptables as well as the man pages.  Can't find any reference to smurf
> attack and the use of iptables to block this kind of break in attempt.
> Can anyone explain how to write a rule for this ?   Any help greatly
> appreciated.
> Thank you
> --
> Richard

To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: