MacSmurf uses the broadcast feature in ICMP echo requests (and
spoofed packets) to formulate attacks that are seemingly exponential
in size based on the size of the attack's "amplification".
Example: if you set the Amplification Address to a router that
has 500 machines and a 100Mbps connection on it and use MacSmurf
to attack a victim having only a 1.5Mbps cable connection while
you have a 1.5Mbps cable connection, you could potentially create
about 10-50Mbps of traffic between the victim and the 100Mbps
network. The victim would have little to no chance of surviving. |