Attacks & Threats
Smurf Attack
Definition
A legacy amplification DDoS that sends ICMP echo requests to a network's broadcast address with the victim's IP spoofed as the source, causing every host on that network to reply to the victim.
Examples
- An attacker spoofs the victim's IP and pings the broadcast address of many remote /24 networks; each network multiplies the attack.
- A penetration test discovers an internal router still permitting directed broadcasts, enabling a Smurf-like internal flood.
Related terms
DDoS Amplification
A DDoS technique that abuses UDP-based services to reflect responses many times larger than the spoofed request, allowing small attackers to generate massive flood volumes.
Distributed Denial-of-Service (DDoS) Attack
A denial-of-service attack carried out from many distributed sources simultaneously — typically a botnet — to overwhelm a target's bandwidth, infrastructure, or application.
Fraggle Attack
A UDP variant of the Smurf attack that sends spoofed UDP echo or chargen packets to a network's broadcast address, causing every responding host to flood the victim.
IP Spoofing
Forging the source IP address of network packets to impersonate another host, bypass filters, or amplify denial-of-service attacks.
DNS Amplification Attack
A reflection DDoS attack that abuses open DNS resolvers by sending small queries with the victim's spoofed IP, causing resolvers to send large DNS responses to the victim.
Denial-of-Service (DoS) Attack
An attack that exhausts a system's bandwidth, compute, memory, or application resources so that legitimate users can no longer access the service.