Geek Trivia

If You’re The Victim Of A Smurf Attack, You’re The Victim Of What?

A Denial-of-Service Attack
Phishing Tactics
Credit Card Fraud
Theft of Virtual Goods
The Largest Gold Statue In The World Is A Statue Of What?
Smurf figurines
Schtroumpfs/Flickr

Answer: A Denial-of-Service Attack

A Smurf attack is a specific form of denial-of-service attack in which a large volume of ICMP packets (with the victim’s spoofed IP address swapped in place of the sender’s IP address) are broadcast over a computer network using one of the IP broadcast addresses available on that network.

As a result, any ICMP request (like a ping request) sent via Smurf attack to the IP broadcast address of the network would prompt all of the computers within that broadcast address block to respond, effectively burying the unsuspecting IP address (and attached computer equipment) of the targeted user under a mountain of misdirected responses, rendering their connection unusable until the deluge of replies stopped. The attack derived its name from the 1980s-era cartoon¬†The Smurfs, since the creator of the original code that drove the attack, Dan Moschuk, saw the deluge of packets, like the tiny Smurfs, overwhelming a much bigger opponent through sheer numbers—the original file was called smurfs.c in reflection of that.

Smurf attacks were extremely easy to execute prior to the late 1990s since most networks were poorly configured and unable to resist abuse in such a fashion. Since then, hosts and routers have been routinely configured not to respond to ICMP requests addressed on the IP broadcast level or to forward requests they receive.