The attack consists of a flood of ICMP echo reply packets generated by exploiting the "broadcast address" feature of the Internet Protocol. It is defended against by dropping packets aimed for such addresses outside of local networks (i.e. at routers). See here, as well as the CERT-CC advisory.
The 'fraggle attack' is a similar concept but using the UDP protocol rather than ICMP (after many people just started blocking ICMP at the firewall.)
Smurfs, on the other hand, are truly hideous.
No comments:
Post a Comment