Allied Telesis AT-S63 User Manual
AT-S63 Management Software Features Guide
Section II: Advanced Operations
165
Smurf Attack
This DoS attack is instigated by an attacker sending a ICMP Echo (Ping)
request that has the network’s IP broadcast address as the destination
address and the address of the victim as the source of the ICMP Echo
(Ping) request. This overwhelms the victim with a large number of ICMP
Echo (Ping) replies from the other network nodes.
request that has the network’s IP broadcast address as the destination
address and the address of the victim as the source of the ICMP Echo
(Ping) request. This overwhelms the victim with a large number of ICMP
Echo (Ping) replies from the other network nodes.
A switch port defends against this form of attack by examining the
destination IP addresses of ingress ICMP Echo (Ping) request packets
and discarding those that contain the network’s IP broadcast address as a
destination address.
destination IP addresses of ingress ICMP Echo (Ping) request packets
and discarding those that contain the network’s IP broadcast address as a
destination address.
To implement this defense, you must specify an IP address of a node on
your network and a mask. The switch uses the two to determine the
broadcast address of your network.
your network and a mask. The switch uses the two to determine the
broadcast address of your network.
This defense mechanism does not involve the switch’s CPU. You can
activate it on some or all of the ports without impacting switch
performance.
activate it on some or all of the ports without impacting switch
performance.