smurf

• Previous message (by thread): smurf
• Next message (by thread): smurf
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Mike Hedlund wrote:
> 
[snip]
> Well.. the main problem with smurf is that as far as i know, it uses the
> reply from a broadcast. that will rule out tcp unless they send a direct
> flow from the attackers box to the destination/victims box. For UDP,
> you would have to send it to a broadcast, and also hope there is a udp
> service listening (ie.. a test program i wrote sent 1 udp broadcast to
> 198.32.136.255:7 and received a whole bunch of replies.. turn off small
> services on routers would be helpfull.. :)). You could also do that to
> any network, the point being.. its easier to disable simple udp services
> then to setup filters on border routers..
> 
> -mike

I guess that depends upon how many border routers you have :)

It would also help to filter outgoing traffic from your network to
ensure
you do not become the unwitting source of a smurf attack..

--
Leigh Porter

• Previous message (by thread): smurf
• Next message (by thread): smurf
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]