Eicon Networks S92 Manual do Utilizador descarregar pdf (Página 196)

YuChakTinMichael‘sGIACGCFWProjectAssignment

Page 196

Intheory,wecan pingaroundtheinternettofindoutwhocanbeusedasamplifiers.

Thisis,however,extremelytimeconsuming.Also,thedegreeof damageproducedby

individualsystemsishighly limited.Forlaunchingattackofmassivescale,theideal

amplifiercandidatesarenetworksthathaveIPdirectedbroadcastcapableroutersat

theborderandnumerousclientsintheinternalnetwork.

Inresponsetothethreatsposedbythiskindofattack,aprojectknownasSmurf

AmplifierRegistry (SAR)hasbeenlaunched.AccordingtotheofficialSARpage,

“TheSARisatoolforInternetadministratorsbeingattackedbyor implicatedin

smurfattacks,orthosewhowishtotakeprecautions.…TheSARletsyouprobe

InternetconnectedIPnetworkstoseewhetherornottheyareconfiguredinaway

thatwillallowperpet ratorstousethemforsmurfamplification.Probingcanbedone

interactivelyorinbulk.IninteractivemodetheSARwillprobeanetwork,findthe

numberofduplicatesreturned,andsavethisinformationinadatabase.If,andonlyif,

theprobednetwo rkreturns1ormoreduplicatepackets,itismarkedas"broken". 

Upongainingknowledgeofabrokennetwork,theSARwillautomaticallyobtain

informationaboutthenetworkandnotifytherelevantpeopleofthis.”

71

SARappearstobeatoolagainstsmurfattack.However,wecantakeadvantageofits

probingfeaturetolocatenetworksthatare stillvulnerable,andthenmakeuseof

them.

UsingSAR:

WecanuseSARinthefollowingways:

1,Useittoprobeapotentialamplifiernetwork:

71

http://www.powertech.no/smurf/

1 2 ... 191 192 193 194 195 196 197 198 199 200 201 ... 208 209

Sem comentários

Eicon Networks S92 Manual do Utilizador Página 196