PrepAway - Latest Free Exam Questions & Answers

Which of the following will help prevent smurf attacks?

Which of the following will help prevent smurf attacks?

PrepAway - Latest Free Exam Questions & Answers

A.
Allowing necessary UDP packets in and out of the network

B.
Disabling directed broadcast on border routers

C.
Disabling unused services on the gateway firewall

D.
Flash the BIOS with the latest firmware

Explanation:
A smurf attack involves sending PING requests to a broadcast address. Therefore, we can prevent smurf
attacks by blocking broadcast packets on our external routers.
A smurf attack is a type of network security breach in which a network connected to the Internet is
swamped with replies to ICMP echo (PING) requests. A smurf attacker sends PING requests to an Internet
broadcast address. These are special addresses that broadcast all received messages to the hosts
connected to the subnet. Each broadcast address can support up to 255 hosts, so a single PING requestcan be multiplied 255 times. The return address of the request itself is spoofed to be the address of the
attacker’s victim. All the hosts receiving the PING request reply to this victim’s address instead of the real
sender’s address. A single attacker sending hundreds or thousands of these PING messages per second
can fill the victim’s T-1 (or even T-3) line with ping replies, bring the entire Internet service to its knees.
Smurfing falls under the general category of Denial of Service attacks — security attacks that don’t try to
steal information, but instead attempt to disable a computer or network.
Incorrect Answers:
A: Allowing necessary UDP packets in and out of the network would not block the broadcast packets used
in a smurf attack. This answer is therefore incorrect.
C: Disabling unused services on any device is a recommended security measure. However, a smurf attack
doesn’t use a service that you would disable. A smurf attack uses TCP/IP networking. This answer is
therefore incorrect.
D: Flashing the BIOS with the latest firmware is a good idea. Smurf attacks do not attack a firmware
vulnerability though, so updating the firmware would not prevent a smurf attack. This answer is therefore
incorrect.

http://www.webopedia.com/TERM/S/smurf.html


Leave a Reply