[Music] [Laughter] the Smurf attack is a distributed denial-of-service attack in which large numbers of Internet control message protocol in packets with the intended victim spoofed source IP are broadcast to a computer network using an IP broadcast address most devices on a network will by default respond to this by sending a reply to the source IP address if the number of machines on the network that receive and respond to these packets is very large the victims container will be flattered with traffic this can slow down the victims computer to the point where it becomes impossible to work on in the late 1990s many IP networks would participate in Smurf attacks if prompted that is they would respond to written requests sent to broadcast addresses the name comes from the idea of very small but numerous attackers overwhelming a much larger opponent see smurf today administrators can make a network immune to such abuse therefore very few networks remain vulnerable to smurf attacks the fix is twofold one configure individual hosts and routers to not respond to the requests or broadcasts or to configure routers to not forward packets directed to broadcast addresses until 1999 standards required routers to forward such packets by default since then the default standard was changed to not forward such packets another proposed solution is network ingress filtering which rejects the attacking packets on the basis of the forged source address an example of configuring a router so it will not forward packets to broadcast addresses for a Cisco router is router can pants I know if directed broadcast this example does not protect a network from becoming the target of Smurf attack it merely prevents the network from participating in a smurf attack a smurf amplifier is a computer network that lends itself to being used in a smurf attack Smurfs amplifiers asked to worsen the severity of a smurf attack because they are configured in such a way that they generate a large number of attempt replies to the victim at the spoofed source IP address a Fraggle attack is a variation of a smurf attack where an attacker sends a large amount of ugh traffic to port 7 echo and 19 target to an IP broadcast address with the intended victim spoofed floors IP address it works very similar to the Smurf attack in that many computers on the network will respond to this traffic by sending traffic back to the spoofed source IP of the victim flooding it with traffic fraggle da see the source code of the attack was also released by freak