Lately one of our machines has been the target of several smurf attacks (no idea why, probably some user kicked off an IRCer from their channel or something equally silly) and so I set out to email each of the sites used as smurf amplifiers ... I couldn't find any sort of tool to do this for me, so I wrote one. It's certainly still needs some work, but I think it'll be useful in it's current condition to anybody else who's tried to do this. If we can notify the smurf amplifiers that they're being abused and let them know what they need to do to fix it, maybe we can make smurf attacks a thing of the past (or at least less effective, as the smurfers will have to look harder to find good amplifiers.) In any event, you can get my program at : http://www.frenzy.com/~dougmc/smurf-complain.pl There's lots of room for improvements, so if you have some changes, by all means send them to me. It uses `ipw' to get contact information. If you don't have `ipw', get it from : http://www.e-scrub.com/ipw Also, while you may wish to use `tcpdump' or look at your router's logs to see where the ICMP echo reply packets were coming from, I was using icmpinfo, which you can get from : http://hplyot.obspm.fr/~dl/icmpinfo.html So far, after running the program once and sending out about 50 emails, I've gotten about 17 bounces and about 15 emails saying they'll fix or have fixed their routers, and two or three emails asking for details or a more clear explanation ... fairly promising. -- Doug McLaren, dougmc@frenzy.com Unsolicited email of a commercial or advertising nature is not welcomed.