Electronic Books

This still leaves you vulnerable to internal land attacks, and depending on
all the traffic generated, it can be difficult to locate the actual attacker. It
would require backing up switch by switch to create a process of elimination
to locate the actual system sending the attack.
650


Practical Hacking Techniques and Countermeasures
Lab 92: Denial-of-Service ??“??“ Smurf Attack
DoS Smurf Attack: Smurf Attack
Prerequisites:
None
Countermeasures:
Secure ACLs, Bastion servers/workstations
Description:
Attackers are using ICMP echo request packets directed to
IP broadcast addresses from remote locations to generate denial-ofservice
attacks. The packets use a ???spoofed??? source address so all
responding machines on that network send traffic to that target, creating
a large amount of network congestion.
Procedure:
Install RafaleX, set parameters, and execute against the target.
Verify with the packet sniffer.


Install the RafaleX application as outlined in Lab 48.


Install the Ethereal application as outlined in Lab 41.


Open the Ethereal application and start capturing data (refer to Lab 41).


Open the RafaleX application by clicking on the
RafaleX.exe
icon.
The RafaleX application will start.
Denial-of-Service (DoS)


651
Set the
Source IP
to a ???spoofed??? IP address (10.10.10.10). Set the
Source
Port
to
123
.
Set the
Destination IP
to the
Broadcast
address of the network
(x.


Pages:
197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221