Smurf attack
A smurf attack is a special type of denial-of-service attack on a computer system or network.
In this case, an attacker sends ping packets ( ICMP packets of type Echo Request ) to the directional ( directed ) broadcast address of a network. The address of the computer to be attacked is entered as the sender in these ICMP packets. In the target network, the router forwards the broadcast request to all devices in the local network. As a result, all connected computers respond to the victim's alleged request. Depending on the number of clients, the attacker can generate a large number of responses to the victim with just one ICMP packet. Through the reinforcement, an attacker can multiply his available bandwidth at the victim. This ultimately overloads the victim's internet connection or operating system.
Computer networks that forward directed broadcast requests from the Internet locally and thereby enable a Smurf attack are called Smurf amplifiers in this context . In a Smurf attack, the victim only sees the IP addresses of the amplifiers, not those of the actual attacker. Nowadays there are hardly any Smurf amplifiers, as hosts in the standard configuration no longer respond to broadcast pings and routers do not forward packets that are directed to a broadcast address.
The name Smurf goes back to the file "smurf.c", which was published in 1997 by Dan Moschuk "TFreak". Smurf is the English word for smurf . The name conveys the idea of small but very numerous attackers who overpower a much larger opponent.