Author Topic: How to prevent Smurf and Fraggle Attacks  (Read 979 times)

akash.datasoft

  • Green Belt
  • *****
  • Posts: 216
  • Karma: +0/-0
How to prevent Smurf and Fraggle Attacks
« on: October 04, 2013, 08:05:21 AM »
How to prevent Smurf and Fraggle Attacks



There are many mitigations to reduce the risk of Smurf attack an Fraggle attack in a network, which is outlined as follows:


Turn off the forwarding of directed broadcast on all router ports or take other measures to assure your network cannot be abused in this manner.

Configure your operating system to prevent the machine from responding to ICMP packets sent to IP broadcast addresses.

Simply block all inbound and outbound ICMP echo and ICMP echo-reply packets this will disable many network monitoring devices
If you leave ICMP unfiltered but must use committed access rate (CAR) traffic filtering

Filtering outgoing packets that contain a source address from a different network because smurf attack rely on the use of forged packets

In the case of Fraggle, disabling echo (port 7), chargen (port 19), daytime (port13) and qotd (port 17) services is ok because non of the services are used often in network anyway

Many firewall products have build-in Smurf and fraggle attack filters it is vital to deploy these firewalls in critical positions of your network to prevent smurf and fraggle and many other denial of service attacks in your network.


Thanks
http://akash.datasoft.ws