First page Back Continue Last page Summary Graphics

Smurf Attack (ping)


UDP flooding works as a smurf attack, too
Any message that elicits a response from your machine can be used to degrade your network connection by forcing the system to spend most of its time responding. The ICMP echo request message sent by ping is a common culprit.

ping is a very useful, basic networking tool. You might not want to disable ping altogether. In today’s Internet environment, conservative folks recommend disabling incoming ping, or at least severely limiting who you accept Echo Requests from. Because of ping’s history of involvement in denial-of-service attacks, many sites no longer respond to external ping requests.

Because of these types of denial of service exploits, gateway routers and firewalls shouldn't forward network-directed broadcast packets.