Smurfs up (a comp-sec precautionary tale.)‏

File:Monitor padlock.svg

Image from Wikipedia

I was at home last night quietly surfing the net, wired.com and google news mostly, when my connection got sluggish and dropped a few times. Not an unknown occurrence but even when I was able to get on the net only simple or text only pages would work, anything more would time out and not load.

It got annoying so I did some checking to make sure it wasn’t something I was doing. During my checking I checked the log of the firewall in my Linksys router only to find something odd.

Smurf attack detect packet dropped

And not just once, pages and pages of them.

Smurf is an old denial of service attack named after the first known tool to exploit it, Smurf. But it’s an old enough attack to be caught and dropped by my old Linksys router so why am I seeing this and on my home system which is dynamic IP and we request a new address daily (as I hope everyone does.) But then I decided that in this day of lulz-sec and others being able to use such old attacks as sql-injection and get wins why would we not expect that someone would resurrect other old attack tools like Smurf or email bombs or the ping of death?

I doubt the attack last night was directed at me, I don’t host anything worth attacking and we are on a dynamic IP so it was either directed at someone else and we got caught in the crossfire or they were just doing a sweep in the middle of the night looking for vulnerable targets. Doing a search online I find no other reports of random smurf attacks, maybe it is just me?

So there you go, if you or someone you know has had some issues with internet being spotty and slow, check your router or firewall logs and check if there is something similar happening to you. If so or even if not post a comment and lets see how far this is spread out.

In other news apparently bigger fish than I were fried last night and today. A new bunch of game sites were ddosed which I guess means that they weren’t easily hacked by sql injection so they just got hosed. Is this implying a limit to Lulz-Sec abilities or is this someone claiming to be lulz and just not up to snuff? Personally I think the core of the Lulz group are quite good but apparently their hangers on are slow learners.

And the US is apparently not happy with China continually trying to hack Google and other cloud providers. I doubt they are listening though.

Life is just getting fun folks!

Advertisements

About echlinm

Computer Programmer/Systems Analyst/Hacker S31
This entry was posted in Computers and Internet, hackers, Security and tagged , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s