Big4Guy

Confessions, Thoughts, Observations and Musings of a Big4Guy

Big4Guy

Welcome to Big4Guy.com. Big4Guy is an online resource where I will share with you the latest news, insights, knowledge and some experiences as a Big 4 consultant. We will discuss some of the important issues which organisations are facing today in the areas of information security, security and controls in SAP R/3, Oracle Applications, J.D.Edwards, Peoplesoft and various other ERP's. You will also find information on latest complaince regulations like Sarbanes Oxley, Basel II and so on. Big4guy will also attempt to provide valuable resources for individuals interested in examinations the CISA, CISM, CISSP, PMP and various other security certifications considered essential for entry in any Big 4 accounting, auditing and consulting firms. You are invited to post your comments and viewpoints to posts here. I sincerely hope this online journal will be useful to everyone from a budding student to a professional in the accounting, auditing, management and consultancy professions.

Post details: Types of Attacks - Smurf Attack

11/09/05

10:51:23 pm, Categories: Information Security, 131 words

Types of Attacks - Smurf Attack

Smurf Attack

One of the most common types of attacks is the Smurf attack. In a smurf attack, the perpetrator sends an IP ping or “echo my message back to me” request to a receiving site. The ping packet specifies that it be broadcast to a number of hosts within the receiving site’s local network. The packet also indicates that the request is from another site, the target site that is to receive the denial of service. Sending a packet with someone else’s return address in it is called spoofing the return address. The result will be a lot of ping replies flooding back to the innocent, spoofed host. If the flood is great enough, the spoofed host will no longer be able to receive or distinguish real traffic.