Vulnerability Development mailing list archives
Re: smurf (stupid question)
From: Vitaly Osipov <vos () TELENOR CZ>
Date: Mon, 18 Sep 2000 19:26:04 +0200
You can use fraggle (UDP variant of smurf) in such manner - provided both your amplifier networks have lots of computers with "echo" or/and "chargen" ports open (or some services that generate replies to unknown packets) - but it's a rare case... I doubt that such network exist (heh, that they managed to live until now :) ) regards, W. P.S. read here - http://www.cert.org/advisories/CA-98.01.smurf.html ----- Original Message ----- From: "Leon Rosenstein" <l_rosenstein () montelshow com> To: "Vitaly Osipov" <vos () telenor cz> Sent: Monday, September 18, 2000 6:21 PM Subject: RE: smurf (stupid question)
What if you do it with UDP instead? Would that make a difference? -----Original Message----- From: Vitaly Osipov [mailto:vos () telenor cz] Sent: Monday, September 18, 2000 12:16 PM To: Leon Rosenstein; VULN-DEV () SECURITYFOCUS COM Subject: Re: smurf (stupid question) smurf works like this - you send an ICMP _echo request_ packet to some amplifying network with spoofed source address then that network sends lots of ICMP _echo replies_ to that spoofed
address,
simply exhausting it's bandwidth. If I am not mistaken, host that got an ICMP reply they did not ask for, simply discard it. so your scenario will not work... regards, W. ----- Original Message ----- From: Leon Rosenstein To: VULN-DEV () SECURITYFOCUS COM Sent: Monday, September 18, 2000 3:38 PM Subject: smurf (stupid question) Ok before anyone even reads this post please note I am qualifying it as a stupid question so flames will not be appreciated. Also if this does not make the list I will understand. I was not really sure where to post it. I was wondering with smurf amplification attacks what would happen if you spoofed your IP as the broadcast address of another "smurfable" network. Would this cause an ICMP storm / war?? Would the two networks
continousally
just ping each other??? Anyway it was something I was wondering about. Please feel free to respond in public or private. Thx.
Current thread:
- smurf (stupid question) Leon Rosenstein (Sep 18)
- Re: smurf (stupid question) Michel Kaempf (Sep 19)
- Re: smurf (stupid question) alex (Sep 19)
- Re: smurf (stupid question) Lincoln Yeoh (Sep 19)
- Re: smurf (stupid question) Jacek Lipkowski (Sep 20)
- Re: smurf (stupid question) Holger van Koll (Sep 19)
- <Possible follow-ups>
- Re: smurf (stupid question) Vitaly Osipov (Sep 19)
- Re: smurf (stupid question) Guilherme Mesquita (Sep 27)
- Re: smurf (stupid question) Michel Kaempf (Sep 19)