On Fri, Apr 19, 2002 at 09:03:15AM +0200, Attila SZALAY wrote: > Hi All! > > On 2002 Apr 19, Waldemar Gorus wrote: > > > > could someone please wrote about the smurf attack? > > Smurf attack is a DDoS (Distributed Denial of Service) attack. > > It's use, that some OS reply to ping sended to broadcast address. > > The attacker send _one_ ICMP ping to the accelerator network broadcast > adress, and set source address to the attacked machine adress. > If the accelerator network has enough computer answering the fake ping, > it's flooding the attacked machine network. > > If you at the attacked end of the network, cannot do anithing, becouse > ping replys hitting you, anithing you do. > > But the real solution is, if the accelerator networks disappear. > For this, you must drop pings (or anything, becouse there are no fonction > use this) going to broadcast address. (Especially incoming packet to your > own network broadcast adress). Good stuff ... your english is not too bad :) Some links: http://www.mycert.org.my/network-abuse/dos.htm (the linux stuff is old, ipfwadm, but provides a starting point) http://bugtraq.inet-one.com/dir.1997-10/msg00073.html Note to OP: Google is your friend. I found these links in about ~30 seconds of searching (though I admit I'd read them before when I had to disable directed broadcasts on Bay routers ...) -- Nathan Norman - Micromuse Ltd. mailto:nnorman@micromuse.com Gil-galad was an Elven-king. | The Fellowship Of him the harpers sadly sing: | of the last whose realm was fair and free | the Ring between the Mountains and the Sea. | J.R.R. Tolkien
Attachment:
pgpYJ7whNbeQX.pgp
Description: PGP signature