What is a Smurf Attack?

04.03.2020 Read
What is a Smurf Attack?

A smurf attack is a type of DDos attack that aims to create high traffic on your network and harm your organization. Read more to learn how you can avoid such attacks.

What is a smurf attack?

A smurf attack is a type of DDoS attack that consumes the essential resources of your network through the utilization of ICMP Echo mechanism. In other words, an attacker tries to flood a server with ICMP packets in order to render it inaccessible. When successful, a smurf attack can overwhelm an entire computer network and make it inoperable.

Dating back to the second half of the 1990s, smurf attacks are relatively old but they manage to remain as a relevant threat because of their sheer popularity amongst hackers and cyber criminals. That is why you must be informed about smurf attacks and how you can prevent your organization against them.

What are the types of smurf attacks?

There are two main types of smurf attacks: basic and advanced.

Basic Smurf Attack: When the targeted network is flooded with a seemingly endless array of ICMP request packets, a basic smurf attack is successful. The ICMP request packages include a source address that is set to the broadcast address of the target’s network. If the packets succeed to disperse properly, every single device within the target network replies the ICMP request with an echo. As a result, an immense traffic which will bring the whole systems down is created.

Advanced Smurf Attack: Advanced smurf attacks start off just like the basic smurf attacks. ICMP request packages that feature the source address directed at the broadcast address of the target network are created and dispersed swiftly. Then the devices within the network replies ICMP requests with echos, yet this time these echo requests have the ability to configure their sources so that the sources can respond to third party victims. As a result, attackers can reach various targets at once and slow down a larger part of the web.

Advanced smurf attacks allow attackers to widen their scope and target bigger groups.

What is the history of smurf attacks?

The very first smurf attack was conducted by Dan Moschuk, also known as TFreak in hacker circles. The name of this type of DDoS attack is inspired by the cartoon and comic strip characters called Smurfs.

Smurf attacks aims to overwhelm and take down a large and strong entity by performing considerably small but plentiful attacks. Hence this technique is named after Smurfs –the small, blue creatures that are able to overpower their much bigger enemies when they work together.

During the second half of the 1990s, smurf attacks were very popular and threatening, yet today almost all organizations are immune to such cyber attacks.

What is a fraggle attack?

Fraggle attack is a specific type of smurf attack where the hacker sends massive amounts of DUP traffic to Echo and CHARGEN ports. The basic principle behind a fraggle attack is very similar to the one behind smurf attacks: creating an overwhelming traffic to render networks inoperable.

The very first fraggle attack was conducted by TFreak as well. You might also want to learn about Top Cyber threats.

A vast library of integrations and free services on demand
See All Integrations
See Logsign Unified SO Platform in action!
Watch Demo