GEN:SID | 1:478 |
Message | ICMP Broadscan Smurf Scanner |
Summary | This event is generated when Broadscan Smurf Scanner generates an ICMP echo request message.
|
Impact | ICMP echo requests are used to determine if a host is running at a specific IP address. A remote attacker can scan a large range of hosts using ICMP echo requests to determine what hosts are operational on the network.
|
Detailed Information | The Broadscan Smurf Scanner generates an ICMP echo packet with a specific datagram signature.
|
Affected Systems | |
Attack Scenarios | A remote attacker might scan a large range of hosts using ICMP echo requests to determine what hosts are operational on the network.
|
Ease of Attack | Simple. Packet generation tools can generate this type of ICMP packet
|
Corrective Action | To prevent information gathering, use a firewall to block incoming ICMP Type 8 Code 0 traffic.
|
Additional References | |