RE: Smurf ,land attacks

From: Michael Sconzo (msconzo@tamu.edu)
Date: 11/04/02


From: "Michael Sconzo" <msconzo@tamu.edu>
To: <security-basics@securityfocus.com>
Date: Mon, 4 Nov 2002 14:17:00 -0600


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

So, Smurf is a broadcast attack (many computers respond to a spoofed
icmp echo request towards a specific host). Where as a LAND is a
packet sent to host A spoofed to be from host A, causing the host to
get confused.

and IP spoofing is not an attack, it is a method for performing
attacks (ie. smurf and land both use this technique)

A good idea when looking up specific vulnerabilities/attacks check
http://cve.mitre.org, and then just 'google' the cve entry.

Further reading.

SMURF
http://www.iss.net/security_center/advice/Exploits/IP/smurf/default.ht
m

LAND
http://www.iss.net/security_center/advice/Intrusions/2000001/default.h
tm

IP Spoofing
http://www.iss.net/security_center/advice/Underground/Hacking/Methods/
Technical/Spoofing/default.htm

- -mike

- -----Original Message-----
From: vijay vikram shreenivos [mailto:karpagamekapali@rediffmail.com]
Sent: Saturday, November 02, 2002 1:15 AM
To: security-basics@securityfocus.com
Subject: Smurf ,land attacks

Hi list,

Can someone give the EXACT differences btw

SMURF
LAND
and IP soofing attacks.

karpagamekapalidurgau
__________________________________________________________
Give your Company an email address like
ravi @ ravi-exports.com. Sign up for Rediffmail Pro today!
Know more. http://www.rediffmailpro.com/signup/

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPcbVtS76iJsaBRvcEQKKPwCeIT0H9yTXT8+H9O3uDRfkswTcHWwAnR6K
Gk1el45UFn0Xsdkox8DNv8j4
=QWGc
-----END PGP SIGNATURE-----



Relevant Pages

  • Re: Limit the number of erroneous logins of root from the same IP
    ... After the limit that IP can not try to login anymore. ... be careful about reacting to spoof attacks. ... I've seen idiots trying to spoof login attempts from ... It offered three options - add a host reject route (man ...
    (alt.os.linux.redhat)
  • RE: eEye Blink and other Endpoint IPS solutions.
    ... > Is there anyone out there using Host Based Intrusion Detection ... > on system performance and how their effectiveness compares to NIPS. ... while HIPS are great at stack-based detection (please forgive ... about DDoS attacks, you need NIPS. ...
    (Focus-IDS)
  • Re: nbc why does michael moore hate the Iraqis? nbc
    ... >>>protection against attacks, is a good one. ... >>>it is pretty much made a lie when Israel began settling the area. ... >> settlements are quite useful, tactically, as buffers. ... > You made the point that Arab nations used that land to stage attacks ...
    (rec.music.artists.springsteen)
  • Farm invasions continue amid fears of military deployment
    ... Farm attacks are continuing this New Year, amid very real fears that the ... to complete Robert Mugabe's so called land 'reform' programme. ... According to the President of the Commercial Farmers Union, ...
    (sci.physics)
  • Re: repeated ssh login attempts/failure/break-in attempts from kiddy script
    ... like 100-200 logins, fails and goes away. ... These attacks should be a warning to you. ... I haven't enabled inetd in so long I don't remember what's in it, but it's amazing how many boxes are still running chargen, rpc.statd and a host of other services that are completely unnecessary ... Being secure and staying secure is your responsibility. ...
    (freebsd-questions)