GEN:SID 1:478
Message ICMP Broadscan Smurf Scanner
Summary This event is generated when Broadscan Smurf Scanner generates an ICMP echo
request message.
Impact ICMP echo requests are used to determine if a host is running at a
specific IP address.  A remote attacker can scan a large range of hosts
using ICMP echo requests to determine what hosts are operational on the
network.
Detailed Information The Broadscan Smurf Scanner generates an ICMP echo packet with a specific
datagram signature.  
Affected Systems  
Attack Scenarios A remote attacker might scan a large range of hosts using ICMP echo
requests to determine what hosts are operational on the network.
Ease of Attack Simple.  Packet generation tools can generate this type of ICMP packet
Corrective Action To prevent information gathering, use a firewall to block incoming ICMP
Type 8 Code 0 traffic.
Additional References