A smurf attack broadcasts ICMP ping packets to multiple computers on a network but spoofs the source address using the IP address of the attacked system. An ICMP packet normally includes the IP address of the sender in the source IP address field. However, by replacing the IP address with the victim’s IP address, the ICMP packet appears to come from the victim’s computer. By broadcasting the ping, all systems on the subnet receive the echo and respond by flooding the attacked system with echo replies.
