Slide 5 of 16
- The “Smurf” and “Fraggle” attacks are two of the most severe Denial of Service attacks found today, because they allow a user with relatively low bandwidth to generate a very large amount of bogus traffic towards a remote network.
- They utilize IP directed broadcasts in combination with echo protocols and spoofed packets in order to generate multiplied traffic streams.
- There are two victims:
- The intended victim, who receives a large amount of traffic from intermediate sites
- The intermediate sites, or “bounce sites” used to multiply the traffic streams
- The attacks are similar in nature to traditional ping and UDP flooding, except that ping and UDP flooding require that the perpetrator have more bandwidth than the target he/she is attacking. Smurf and Fraggle allow the multiplication of traffic through the broadcast mechanism and therefore only require that the sites used to multiply the traffic have enough hosts to increase the factor by which the traffic streams are multiplied.