Content #
An attack called Smurf, and its variants, forces a system to expend its resources processing echo replies.
One method of accomplishing this is to spoof the victim’s source address and broadcast an echo request to an entire network of hosts. A single spoofed request message can result in hundreds or thousands of resulting replies being sent to the victim.
Another way of accomplishing a similar result is to install trojans on compromised hosts across the Internet and time them to each send echo requests to the same host simultaneously.
Finally, a simple ping flood in which the attacker sends more echo requests and floods the data connection is another method for a DoS, though it’s becoming less common.
From #
Linux Security: Enhancing Security with nftables and Beyond