• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Need help with possible smurf attack.....

UsandThem

UsandThem

Elite Member
I bought a Belkin F5S7230-4 Wireless Router.

I have cable internet and the only thing I am using my router for is for TIVO. Well, I got everything installed and it works.

However, I immediately changed my security settings. I enabled WEP, MAC Address Filtering, disabled ESSID Broadcast, added WAN Ping Blocking, and have it working in 11g mode only.

My wireless connection still works fine, and I tested it at Shield's Up website and it is in full stealth mode.

However, in my security log, a see the same entry every one minute:

10/29/2006 15:11:24 **Smurf** 169.254.255.255->> 192.168.2.3, Type:3, Code:3 (from LAN Outbound)
Click to expand...

Now, what does this mean? Is this coming from my computer or from the outside? The 169.254.255.255 is not my IP address, however the second one is my TIVO's IP.

Any help would be appreciated.


<-------------------- Wireless newbie.
 
Google Search -

Smurf attack
From Wikipedia, the free encyclopedia

The smurf attack, named after its exploit program, is a denial-of-service attack which uses spoofed broadcast ping messages to flood a target system.

In such an attack, a perpetrator sends a large amount of ICMP echo (ping) traffic to IP broadcast addresses, all of it having a spoofed source address of the intended victim. If the routing device delivering traffic to those broadcast addresses performs the IP broadcast to layer 2 broadcast function, most hosts on that IP network will take the ICMP echo request and reply to it with an echo reply each, multiplying the traffic by the number of hosts responding. On a multi-access broadcast network, potentially hundreds of machines might reply to each packet.

Several years ago, most IP networks could lend themselves thus to smurf attacks -- in the lingo, they were "smurfable". Today, thanks largely to the ease with which administrators can make a network immune to this abuse, very few networks remain smurfable. [1]

To secure a network with a Cisco router from taking part in a smurf attack, it suffices to issue the router command no ip directed-broadcast .

c3p0
:beer:

 
First you should know that there is No relation between Wireless security, and Internet Security. These are independent issues.

Second, you have to stop looking on the Router's log, unless you want to get High Blood pressure.

Constant pings and attempt to connect are part of having Cable Internet (mainly because of the topology used by the ISPs).

So use a Router, add software Firewall, AV, and Antispyware, and try to enjoy the Internet.

http://www.ezlan.net/faq#secure
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top