Vulnerability Development mailing list archives

Re: smurf (stupid question)

From: Guilherme Mesquita <guy () linuxbr com br>
Date: Wed, 27 Sep 2000 23:27:46 -0700

Nope, since if you spoof from a broadcast, the destination broadcast will
receive the ICMP-ECHO-REPLY and not the ICMP-ECHO-REQUEST. The maximum you
can do is putting down an entire network using its broadcast from other
broadcasts (or high bandwidth machines).


.--------------------.
| Guilherme Mesquita |
| guy () linuxbr com br |
| UIN # 5864338      |
`--------------------'

On Mon, 18 Sep 2000, Leon Rosenstein wrote:

Date:         Mon, 18 Sep 2000 09:38:08 -0400
To: VULN-DEV () SECURITYFOCUS COM
From: Leon Rosenstein <l_rosenstein () MONTELSHOW COM>
Reply-To: Leon Rosenstein <l_rosenstein () MONTELSHOW COM>
Subject:      smurf (stupid question)

Ok before anyone even reads this post please note I am qualifying it as a
stupid question so flames will not be appreciated.  Also if this does not
make the list I will understand.  I was not really sure where to post it.

I was wondering with smurf amplification attacks what would happen if you
spoofed your IP as the broadcast address of another smurfable network.

Would this cause an ICMP storm / war??  Would the two networks
continousally
just ping each other???

Anyway it was something I was wondering about.

Please feel free to respond in public or private.

Thx.

--

Current thread:

smurf (stupid question) Leon Rosenstein (Sep 18)
- Re: smurf (stupid question) Michel Kaempf (Sep 19)
  - Re: smurf (stupid question) alex (Sep 19)
- Re: smurf (stupid question) Lincoln Yeoh (Sep 19)
  - Re: smurf (stupid question) Jacek Lipkowski (Sep 20)
- Re: smurf (stupid question) Holger van Koll (Sep 19)
- <Possible follow-ups>
- Re: smurf (stupid question) Vitaly Osipov (Sep 19)
- Re: smurf (stupid question) Guilherme Mesquita (Sep 27)