Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Please Prove My Father Wrong!
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
hijack this log computer 2 »
« IP address blocking  
AuthorAll Replies

x539

join:2003-08-23
Oklahoma City, OK

reply to mziemba
Re: Please Prove My Father Wrong!

I suspect that what you're seeing is not a "smurf attack" at all. Reason being that this is a very old-school attack, and it's pretty hard to pull it off effectively any more. The reasons this attack used to be successful are:

1. Windows machines used to reply to ICMP ECHO directed to the broadcast address. They haven't for several years. Note: Most Linux/UNIX machines in default configuration will. In Linux adding "net.ipv4.icmp_echo_ignore_broadcasts = 1" to sysctl.conf will stop this.

2. Most people used slower connections. It takes a whole lot more pings to knock someone off a broadband connection than off a 28.8 dialup.

What I think is more likely is that your router assumes that all x.x.x.0 and x.x.x.255 IPs are network/broadcast addresses, and classifies packets coming from these hosts as smurfs. That is not necessarily the case though, as those addresses are dependent on the size of the subnet. For example, the address 10.1.4.255 is not a broadcast address on a 10.1.0.0/16 network.

As far as why the network "goes down", it would appear that way if you were waiting for packets from a host that your router was eating because it thinks its an attack.

It's possible that you really are the victim of a smurf attack, but I would say that it's highly improbable
to forum · permalink · · 2004-05-17 10:41:12 · Reply to this
Forums » Up and Running » Security » Securityhijack this log computer 2 »
« IP address blocking  

Tuesday, 10-Nov 09:14:52 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [89] Verizon Keeps Swinging At AT&T
· [84] VoIP Over 3G Still Not Working For iPhone
· [33] Bill Would Force ISPs To Block Financial Scams
· [24] Mediacom Hints At 50, 100 Mbps Speeds
· [16] Clearwire To Get Another $1.5 Billion
· [12] Monday Evening Links
· [10] 15 States Have Now Gotten Broadband Mapping Money
· [6] AT&T Launching New 7.2 Mbps 3G Modem
· [4] Moto Sold About 100,000 Droids
· [2] Sprint Announces Job Cuts
Most people now reading
· 60 Minutes piece on cyber security last night [Security]
· [SU] Apple Releases Mac OS X 10.6.2 [All Things Macintosh]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Microsoft Security Bulletin Summary for October 13, 2009 [Security]
· Windows 7 boot manager editing questions [Microsoft Help]
· How in the world am I going to get into college? [General Questions]
· Wood floor opinion... [Home Repair & Improvement]
· Slow speed lately? [TekSavvy]
· A fishy CRTC tarriff filed by bell? [TekSavvy]