RE: Smurf ,land attacks

["Carere, Courtney" <CCarere () rich com>]

As far as I understand it, IP spoofing is not an attack by itself.  It's an
integral resource for hackers for many reasons.  Both the smurf and land
attacks utilize it.

Smurf and land attacks are both DoS (denial of service) attacks.  

Land attacks work by sending a stream of TCP SYN packets that have the IP
address and TCP port number set to the same value for both the sender and
receiver (the victim host).  For some implementations of TCP/IP, this causes
an infinite loop and eventual denial of service (a crash and/or reboot of
the system).  Basically, the victim machine crashes itself.

Smurf attacks work through one or more intermediaries.  They ping the
intermediary (send a packet with a request for a reply).  The trick is, the
source of the packet is spoofed as the victim; so when the intermediaries
send a reply packet to the "source" (the victim), it can cause an overload
of DoS.  Smurf attacks cause DoS through other machines.  I think this would
be classified a distributed denial of service attack.

If I'm inaccurate on any of these explanations, please correct me! :D

Here are two websites on smurf attacks:
http://www.pentics.net/denial-of-service/white-papers/smurf.cgi
http://www.cert.org/advisories/CA-1998-01.html

And here's some resources on land attacks:
http://www.cisco.com/warp/public/770/land-pub.shtml
http://advanced.comms.agilent.com/routertester/member/journal/JTC_014.html

-C.J.

-----Original Message-----
From: vijay vikram shreenivos [mailto:karpagamekapali () rediffmail com]
Sent: Saturday, November 02, 2002 2:15 AM
To: security-basics () securityfocus com
Subject: Smurf ,land attacks


Hi list,


Can someone give the EXACT differences btw

SMURF
LAND
and IP soofing attacks.

karpagamekapalidurgau
__________________________________________________________
Give your Company an email address like
ravi @ ravi-exports.com.  Sign up for Rediffmail Pro today!
Know more. http://www.rediffmailpro.com/signup/